www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/lio404wlnusn
Effective URL:
https://www.file-upload.in/file.php?get=lio404wlnusn
Submission: On September 10 via manual (September 10th 2023, 4:42:26 pm UTC) from VN — Scanned from CH

Summary HTTP 268 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 27 domains to perform 268 HTTP transactions. The main IP is 2606:4700:3036::ac43:b1f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700:303... 2606:4700:3036::ac43:b1f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:d200:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.209.147.201 52.209.147.201	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
52	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
8 14	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 7	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4 6	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
6 8	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
268	38

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:b1f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.147.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.39.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	googlesyndication.com 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	540 KB
39	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393	421 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	1 MB
28	demand.supply live.demand.supply — Cisco Umbrella Rank: 42151	43 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 941581	550 KB
8	openx.net 6 redirects us-u.openx.net — Cisco Umbrella Rank: 518	2 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 58	33 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	5 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	66 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 399	110 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	283 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 497 www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1977	38 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 455 mug.criteo.com — Cisco Umbrella Rank: 2500	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	176 KB
3	file-upload.in www.file-upload.in	11 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 828 id5-sync.com — Cisco Umbrella Rank: 432	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 958 bcp.crwdcntrl.net — Cisco Umbrella Rank: 940	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	146 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 15168	9 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1492	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 351	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 653	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891	3 KB
1	file-upload.com 1 redirects www.file-upload.com	434 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
268	27

	Domain	Requested by
52	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com www.file-upload.org pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
38	s0.2mdn.net	www.file-upload.org s0.2mdn.net
31	tpc.googlesyndication.com	securepubads.g.doubleclick.net 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com www.file-upload.in tpc.googlesyndication.com www.file-upload.org s0.2mdn.net
28	live.demand.supply	www.file-upload.in live.demand.supply client
22	www.file-upload.org	www.file-upload.org www.file-upload.in
14	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
8	us-u.openx.net	6 redirects googleads.g.doubleclick.net
8	googleads4.g.doubleclick.net	www.file-upload.org
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	fonts.googleapis.com	securepubads.g.doubleclick.net 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com www.file-upload.org s0.2mdn.net
7	googleads.g.doubleclick.net	25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com www.file-upload.org
3	www.gstatic.com	www.file-upload.org 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
3	connect.facebook.net	www.file-upload.in connect.facebook.net
3	www.file-upload.in	www.file-upload.org www.file-upload.in
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.file-upload.in www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.file-upload.in
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.file-upload.in
1	ssl.google-analytics.com	www.file-upload.in
1	www.file-upload.com	1 redirects
0	certify-js.alexametrics.com Failed	www.file-upload.in
268	39

This site contains links to these domains. Also see Links.

Domain
www.file-upload.org
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.org
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
images.dmca.com R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-19` - `2023-09-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.file-upload.in/file.php?get=lio404wlnusn
Frame ID: 28EA283EF451CF62ECC601A18797B10F
Requests: 91 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C58AB6ADF184E3C40E827578B26C11D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: 20F104A5B3377A37FA5D2AEA12B38530
Requests: 2 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55FBBF1E605EA8E60B9465B2045434E7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNUM5Apu7Q9O-Thhp-nWgtPkoeN4R59HZ0Jjhgr7S9iT-lantps-hSwnO4lD2QupEx4Ki6McI_dD6sHRjxd79nfxgcKNng
Frame ID: 3B953DEE22FA07C9F8476E247AC5780C
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: D4583282D9780670FBC277155F222CB5
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8174A3C90A5C313F5A4166A36E9F4856
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 649195AB31FBD2F255A046263E4EB463
Requests: 2 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 70941FC4D9E471A33806E5AF497D3A38
Requests: 13 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE89BA31BB5D68F67F24E72C39E238AC
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYx4-n3QEwAQ&v=APEucNWReXZStIOaAlGehcQTN5zaaH4pTHOJ8FTdxAluRQPiOuK5OTp_t_UACH2ycQQezXy4LebhKu-Xc8mHjwwXfxv9SSrLng
Frame ID: 14E0DD8953E48C03CD072540054D06A7
Requests: 4 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7848BD8DF33666ECC5A1A10DF5B9553
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVHVRxxnrJhXqDgc17oM2CKvZfiuKJ79Kr6kGjlQawdTn82BN_KPUvQ-9TyKLrrh_zOx1uESxWtQOpjCRYXMEwvdFFuEg
Frame ID: 664BF60FA7B9BF06A0D307B881A02367
Requests: 5 HTTP requests in this frame

Frame: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3BB0B10455AEF13F59514D09C05CEEFC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYzo6n3QEwAQ&v=APEucNVRGyCUc9VFTXB_qQCnIctHurEz3yMWpf0agytLcpuKQI4J97vKXB28vs2IObQujiqj70VOR1uwbPwMGUBsd21fVkCvcw
Frame ID: B109D50345A5F39FAB7DDA8E8D086D51
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
Frame ID: 33C0084F899E23D61E64C59CE64E94B3
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: E7B28BB37E9D4EF6C5CFA1F47ABCE812
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AFD0DAE88991D68D84B56F3BBC0D6E5F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
Frame ID: 9881051AFEFBEF3994F9AE3BB8BDF048
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F733F578349E0C2161FB88FE305949C9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 7FCE86B736A013A11F37B15E9D320554
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
Frame ID: 09E5476EAF608B513909B83BACE4F48A
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
Frame ID: 50E0EB7C1A2713032DC71E5608325B8B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B485CAC58610BDBF52986D6BD960AEE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CA03FDAD81D7B36111FBC32423D71F0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 303137D128A824AEC751C242C00D384E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: EE3616F4A87B19F2D10BAC6A6F6BE4D5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: DBD5FF58C07C0AA8BA8B3C636C452889
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: D334997D7D3D70E0596DCA03EEBA9453
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/lio404wlnusn HTTP 301
https://www.file-upload.org/lio404wlnusn Page URL
https://www.file-upload.in/file.php?get=lio404wlnusn Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

268
Requests

94 %
HTTPS

68 %
IPv6

27
Domains

39
Subdomains

38
IPs

6
Countries

3663 kB
Transfer

9083 kB
Size

26
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.org/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.org/lio404wlnusn
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.org/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.org

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.file-upload.in/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/lio404wlnusn HTTP 301
https://www.file-upload.org/lio404wlnusn Page URL
https://www.file-upload.in/file.php?get=lio404wlnusn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/lio404wlnusn HTTP 301
https://www.file-upload.org/lio404wlnusn

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jtWlA3xzTjRseVJsZUYyNVlseXZhbFdtQmh3R0kySTZoYXg0WTQ1TElDWkZUZWhRUlpYcVhoMlNSVXFkMDJEenJwMDVYUGFSSFV1L1U2WmZTTkNka21HYU0rNkhOdUkrb242UnlFVk5BbWpPU3VYRklaRFlvQmFBRFhqTFphRG41OHNET1REamFENHNKaitCTCtXWHlNd2VjSGFIdlR4blZSQnpUanVFTm1ET0gxS2tSRE5WLzRLNjFLOEtmR2plK1dXK1NEeDcrRGw1MWxQbnhsby93NDc4dUQxS2wzWkdvdFlHMnJ5dlA2NXcyMDVUNW9sbk82emU0N1VXaWJWSkhSOFZlVnhtajZJVUpMa0paMEpqRUNDeklSUT09fA&cppv=2

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1

Request Chain 114

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP3x6.29sfMDigABrAlgyAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP3x6.29sfMDigABrAlgyAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

Request Chain 173

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1

Request Chain 175

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

Request Chain 177

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1

Request Chain 179

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

268 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

lio404wlnusn Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/lio404wlnusn
https://www.file-upload.org/lio404wlnusn

27 KB
7 KB

120ms
57ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6651af347bc2ed0d00963ffe07aaaab1c64c94ffc886e6d6085aee7d5f9311

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80491f938dfc9143-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:42:17 GMT
expires: Sat, 09 Sep 2023 16:42:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhFVq94S54TFntFv%2FdIdu8GnlGF8L1uhi1YCr%2Bf41SjjNEAR%2BVduStsrz2C9swO47QeItxtWrtITU71RJGbA95%2BlYNRIsADfE8kevJjBBeifHVgXPxT2cWxXEY2cPfCN3r3Q21FHzmKEBDfuOxJfYVWE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80491f92c87d1c20-FRA
content-type: text/html
date: Sun, 10 Sep 2023 16:42:17 GMT
location: https://www.file-upload.org/lio404wlnusn
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQlRcpclVv8BLenEcKXL9OsWFpHC%2FG%2B04syjmoY0oU1hr73pnkoP7uBr7VNLsZb4llI9kaClPvcz%2FLYI7%2FYUpva2Zq93QssUKQeXROKCN%2FAUtSmqSyrFBll5XON06ph4%2F90dCpo1"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1108667
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9w48G5CKK286E%2FsacRCbYJf2aGEdZC6NxVcgMJgNMEu5N3qgY2JsCRYaXOPPQEFuafbQks%2BynSv%2FjGdnJn4ZY4LImne3I7%2FkXgWCioqamULseBlMFOooeXxBipTfu5f%2FHLbmtC18QKnjm%2BStFHj9Fmo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80491f93ee899143-FRA
expires: Tue, 29 Aug 2023 20:44:30 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 82ms
82ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDeREmOZ%2Bj2J8lXk9fHrpYvmoZVByWSyr2TJQM4vgq7mb5owTcoFB9X6ZycRgmbiTNzsmNDNecH68CIRei%2BkPYZwc12%2F7bYo0J%2BkuygTdtX7QYhiPA0eyeTIDC1S8n1rvkerKHeXfz8LDJu0LTqtK9GL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80491f93ee8e9143-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 31ms
31ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3802729
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLW2%2BJsaT1K1PoRgQdE%2BKRCjgzF%2FKx1fUrFzAkq95r%2FaRk19%2Bz%2ByNi2AiGE%2BTiK8dFukg4ap1t6L0SYDsWCnjnaD2SHem3nVSNRbXwhy2NVlDDkF8az%2F6GiHXgg3TpP4fQKnwrNeIFTZjRMjci8E29es"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f945bb28fc8-FRA
expires: Fri, 04 Aug 2023 16:23:28 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
25ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f73c7d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KXHJ2xgeRQ3li7ZpNS82MaYAV2Odf9zqwT2WOTjhdGa54Gca6heRr2QXYSETs8hsizI8MUbgA3HgRNYxL5vyPzVg0jd8QCBOoeLVudaX5x6vaXGiMY3B2F4bQ3x5Xw2U7VFYjA0AevjZwG5hs5UR%2F9D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80491f942ee39143-FRA
expires: Tue, 12 Sep 2023 16:42:17 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 28ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800674
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeEL9NEU%2B3Xl1paLv0LXFxnFXEpyaDZ4VdLWoW35%2B%2BJPkz7QlSamhiNFW%2BsPS0C1RxfB3TmaXBLTl0Tv4YUcrNK3G%2BEUgWQb7ZC0HCzo%2BkhFxy2UFTjsw2uxFFU2DpvyVLXb6f7tCChlcEP7B%2Fk8PdBV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f948bdd8fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 27ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800674
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOivlPBU0Wtf%2BKpsE6j3nI50%2FE8ofW5wfO1fEIF9MRa%2FAFyzSf52QvN%2FHcXPwIJvbIoES7nqN8CLkuUdkkLUn%2BYBiKJqNPIfz01kikOBfieFpb0qR3YGY08g3Jo8uqOwvcyqmfXn%2FxNf5glrJ7PvL1vH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f94ac048fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 97ms
34ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1694364137.cds212.fr8.hn,1694364137.cds241.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 30ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3802729
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M4VoqyzSbB1hAz1uPVLcjTawa4lvMlnvQ60Vf0RZX12%2FjL3pUkqZNilL5awwU0hz3FYv4elY27jpIe0kmLCo3XTaLA1Hisc8w2qpF7NEA%2BOJDV0Me03sPxCatsl1uGkaz3MomB8K9ftscrHMxIMGeri"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f94ec458fc8-FRA
expires: Fri, 04 Aug 2023 16:23:28 GMT

GET
H2 200 Primary Request file.php Show response
www.file-upload.in/ 23 KB
7 KB 215ms
155ms Document
text/html 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1edb8308475b27378fa7a5d502187ec6fa6e01a0a9bef65bd48daac8b571097b

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80491f955c599b51-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 16:42:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpMPxT0FBKYF3hZeqy%2B4fbf6YYJXv9RG2ktBB6GCOG1J%2FvFe51gQaMrP9ZVGkm6tktdzSh6eTEq9fbhtwXlalVP8Pd3jRq2CQlBFILI7%2B6jbkO9OdKFSX2f1Pf2xgn0bzuNFLRzu3caW0mMbCF7gEDE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 30ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800674
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0plCfOBwyBg2zQ6E1ltxrrdXL4GQbk7BLss8V3Xnk1WIZUnZuM%2F39RulCdv%2BHLzwVsvFJ5eVnyPJL0C1lhLd4PqmdUSTDIQ%2BgF7OmHLnEtSHlGqebBsegc%2F9UKvuCvnNyPCmCyMWhib711BbcKqfC8j"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f94fc4e8fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 44ms
44ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3398
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mD2BBuiwBySinVcpquIEH1PDtQHgjGKQb3pZN8engRhPOg8W96ROPt9%2BoieHQhuI2YlZHsCfPXwJ5q3QOSjJWQwkc2CIdB6ixECoR6n6Hy%2BKB747qTQcr8%2FxRS9ISj4VrUoX30Rs4859itmTNrj2asg"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80491f94fc508fc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 72ms
72ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 46
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2By51rsfmF9m%2Bg%2F8sPgUjhmPcIEy8WCXI4pOUr28BrFJA4q5yRYDKFh0qMGP3tjBT4HHrx9qn0uDhyJAPmMQRsQZwPI8Sv3aKQcUYx7IB5fvft6OtBZo0PidlJb4Qak9HJ9YLvBmbXxeUKQ7gp8WVTjz"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80491f94fc538fc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 30ms
29ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 46
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq%2FAkqa4rmYIZXs%2FRp%2BkwmYPhg5MHrj7FuQSuY2P1mYvG6jnldsUJkCMoW%2FcNNqVto3IvKEum7VhpHliwONqgNLubZaVmzflnzDlDhoXHzhzLUtB4DzSF1WsL2uiTRBWd02zD55FzPQOZkN6pvmiDEBV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80491f94fc548fc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 157ms
106ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1483f8f5c3828ea27ec3b41bbe45483a444bfb70a0ade1b5055a831f89ed83

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H913VYFTJTMGRG2WG00C550S
date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 81
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80491f96af3c0e02-MXP
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 blockadblock.js Show response
www.file-upload.in/ 7 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/blockadblock.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669285
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 11:59:30 GMT
server: cloudflare
etag: W/"64afe722-1c1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2uMev7v4POHFWyNU7cneBYiiqRLtEeIgDr7STHPH1FgjXMk2AOQ%2FEb8s9BLyYVPrKddPCiZECK%2BJlDCBtzIu94XJv4DJiQkz48cmh0dw5y29Oegh6%2FBsd8Rvl%2FRWSgStW0yGJ%2BI9s8ELR%2BkAFDzyPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80491f965dbb9b51-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 90ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

757acebcc9f6604d518d9ebaaec7d66779a9bfc74fdbcef64ca2faab0a10c1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68353
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H3 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 55ms
54ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1110717
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBh6pgIyOPAgClF1XySI8TPf4qhxrk7Q0Suw5bIO6yIYTBZjrdiazX0ZQUnFsUtLFIyEEcfjU1YsLMa1rVqFms7o%2BPRCsqY1%2F0wYqWjaMdGd6kJEnjZWO6HcL8LoiYMMRhtYXlaRJKWNcAusM2qV7lz%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80491f967de38fc8-FRA
expires: Tue, 29 Aug 2023 20:10:20 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 48ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d06d2bc8ed3dbf226ada0c061c7621f10d3b0bd1a5699cc6fbf09d671dc571c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 16:42:18 GMT
content-md5: JxeVR0EE31XFqADHpE/ZQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88940
x-fb-debug: nPEwCKWg433Jeq+ksNRpUhwOiPgYPjweXAbS8a5nCeLoTDZBZSdLOWoLUFXAgasoV4eA1zLz4xUy3SniPpBmbw==
x-fb-content-md5: 538a4f6a1c9931254b63a6d672aafacd
cross-origin-opener-policy: same-origin-allow-popups
etag: "ab5a5a2345c62e0679e6603a3bd38175"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Sep 2024 22:30:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9ec828fb5f2a5fa9ca80b1fa951aa451c75bb312b20ba830b369ae4c4ab27e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 16:42:18 GMT
content-md5: dx1tZSTJuY0Wn/gWBFvMVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: BmekLtjilhG0P2KMDBfzsafejVNOnWy4WIsYKRJONBi3Nk2gMvND5gHs+NpD4bJXgN2hIVv4JYEqybISZyqr8g==
x-fb-content-md5: 6eb360d7a38eff72b2e29d6f6337a88d
cross-origin-opener-policy: same-origin-allow-popups
etag: "32e7149b191241f234f56427c87a14ea"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:51:55 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 15:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3040
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 10 Sep 2023 17:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H3 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 97ms
97ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onrFXfh3YO%2FnO63pQus%2FzaVlGNA6P433rnLnI%2FZ91QbfCykSIM5GHlSq4cf0TdyBafToB0CzVi4tWNOewjP%2ButivIl74JVaNEFy2yxU25JPhkfwE103A38QhPsSULuU4TClmDRP%2FUAd2UTgXT5eOtnMM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80491f967de78fc8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 30ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3802730
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93B44Fx%2BZ8Sx%2Bgpp4DEH3UwKq0RJSF1ALvr1Ohca6TtxTHUV7P9W0yQOLfFh9U8XWT6PdYhNO5fNZNbJI4VgrPmDCRnAJnP5UUerN6kSi2Ut9lpXyjhm6rKlBXap5bC8xFGZesV9%2FhVh0HtfdagxwGEO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f971e788fc8-FRA
expires: Fri, 04 Aug 2023 16:23:28 GMT

GET
H3 200 email-decode.min.js Show response
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=lio404wlnusn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f73c7d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgMcb7SGI7DWnhUFir5Bjzn3y3vgYGYecSOpg7IBCgFPommlWU%2Bi2A5K5VG%2BCJXatAusr6%2FV%2FLn479fFLWQe5GJ%2FH4%2FCsNKOql6hJjQ330xv3rdIbBoeUQyKB12%2BkCp%2B%2BmFa873Qh9tLCz51YhD27JY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80491f96fab2199e-FRA
expires: Tue, 12 Sep 2023 16:42:18 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Sep 2024 16:18:15 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 39ms
37ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800675
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpztH4Ykg9BobDc1BIhXuZ1LG7zsPi6Jfx2wlbyrURWQPGco69Hr4Mi%2BxPQLjUXmnLgfZUYcRJuLxzF2N1G0K97k0PntoweaZveup%2FmV7nB8ZuOjfxk53kAi4b7ipArbCSmtQYL0xIygkgmPwUfNitj5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f971e7b8fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 34ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800675
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb9Aaa8XhVsMC8G9wUAbdfnsgMQ3fGteRLqlREXxQcx9wby50TlGWCnaGL7oyM0dzFXztKaDNYYdieMB5DAXwSCgxGTEy1sSTl61SbgmuqQh%2F8Mutl6MVMKJdFJO2rtZ7jzRb3LCGnmzkVoX9ESBuUTT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f971e7c8fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 33ms
30ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1694364138.cds212.fr8.hn,1694364138.cds241.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 34ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=lio404wlnusn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3802730
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYiFe%2BYYBewSRapWRB5dfRRDVREoGTzxWNdhQAD3nGMyBoS1gvL9ccqBPgs6rRU2sc25PoK4VYjv%2BEUP%2BIRdoQgGzpBKrBeSigyX%2FkDQAKOWRTBJindOKHb0lFVpGxE0j%2FmU5IUEPoKM73VuW1sMFSQh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f971e7d8fc8-FRA
expires: Fri, 04 Aug 2023 16:23:28 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 46ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b2d1931ef5902137f101bd61bccd060c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

526cff41f4e9a8c57d51f4d15d2410427110922a2a68eb548f40cd1092d3ae6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 16:42:18 GMT
content-md5: x8E00gX4eQG9LuxHbQwMWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88948
x-fb-debug: 5d24WxqDYwgG0eIU0ejY0p/cojvd8exsvwpQ9CZB0IoAvcfLoSBQmPpXA5CCRm7BfJcZG1STqJfFFuyeVtPrng==
x-fb-content-md5: ac2a3c727ebc9bfd21f0fc2a3d4eaa1f
cross-origin-opener-policy: same-origin-allow-popups
etag: "772ae3132885768443ffd6a176764cb9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Sep 2024 14:50:12 GMT

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 35ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800675
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz%2FHIHpzqrlOWouU5ypjXdIsbktDTH02zYN%2FRpLuWzyCB94zbHBmLBC55Zrb2s%2BHdQo0%2BS0ZJtgmsiCPaq6rBFLeOcdO78Ktzjfj8pX4qytwrZoSOWo5RghUm5wvwC7qaaKh7dDhFwHLovQDGJpoS5yU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f972e808fc8-FRA
expires: Fri, 04 Aug 2023 16:57:43 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 impl.v17.14.2.js Show response
live.demand.supply/ 82 KB
27 KB 34ms
29ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.14.2.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H913VKQN69AD5D7PM815AE4H
date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 1035677
cf-polished: origSize=84250
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80491f975fee0e02-MXP

GET
H2 200 d3d3LmZpbGUtdXBsb2FkLmluLw== Show response
live.demand.supply/p4/v17-10-0/ 2 KB
888 B 96ms
92ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44772017abf9907134afc6c49188901ff185d507913713fa1cdc72bf09d2aec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80491f975fef0e02-MXP
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
516 B 59ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=157&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f97784b5254-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 163ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

132dd52b08c5971aad919ccdef464fed8533fd625678f69b005575aa9c714db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29231
x-xss-protection: 0
server: cafe
etag: 924 / 19610 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
587 B 75ms
46ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGSQC59RYGZP6NQ359764
date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1382075
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80491f9778475254-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
373 B 176ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf611436bfb3988f40db1ed9a1621b50b89f27b7275b9aa88e895f6a9c02495

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80491f97886c5254-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
375 B 182ms
182ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf611436bfb3988f40db1ed9a1621b50b89f27b7275b9aa88e895f6a9c02495

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80491f97886e5254-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 45ms
44ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 980333
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmbSkH5Fo0iG30l%2FDOBwmQoTc4p5B1ve%2BfMhXKdujb1acTwweztbm%2FR7OWFEYxRl1UrpTDdgXPIDVV1qgbpRL1oChTUKphl%2Bi1BVTLTW3bwSimjf6O3SEIq1ge2GBUIWsLAKuUH%2Fxxc64d8KK1TI2Hi6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f97aac5929b-FRA

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 45ms
45ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1382074
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bj%2FCrTGvgbeQJgtLMrOeQYLNQumqu1Pitt5%2F3gX23Z7NQ7zv52tswGnTEzFRL1MoYfMJNQ1isqNsoaSRNDMOVxyDYJEh75Xm7SDBdBzXRFr8LHQotzrKmQReZUCOlqrpZsGWHCKsKn0f6lGBwhQ%2F%2Bko"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f97aac7929b-FRA

GET
H3 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 34ms
33ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 980333
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z%2B9verTmkJYU%2BVsxh9My7CphGPcBLxy7QkOex4LBgnjnTcIcnbyVv5U4uRMpmJNs5wp%2FvzXX7QlvloTzaw8KIFaEfDh5gpi7Z2W8GyS%2FOCrgOya3SdleMLeqOFchM2lKR3ZZxoNg8GyTR9tW6zj0KVs"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80491f97daeb929b-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
483 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f97e8f35254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f97f8ff5254-MXP

GET
H3 200 file-upload.in_fluid_all_fluidallshapes Show response
live.demand.supply/cp/ 30 B
373 B 164ms
164ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbf199e3f44ad2a0d883323f19acfd61fed6c35f6bc675795d1db33252511d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80491f97f9005254-MXP
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
373 B 164ms
163ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf611436bfb3988f40db1ed9a1621b50b89f27b7275b9aa88e895f6a9c02495

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80491f97f9015254-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 file-upload.in_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
376 B 165ms
165ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b5b9d505e57d40817f23f22ca56ce98449441d6c804663b084db3afcbf9da1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80491f98192a5254-MXP
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c26e075492f2f7d2b21f7e243e86e2c669364cf1c94f24861a0bab532ae99675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Sep 2023 17:49:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 17:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85187
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Sep 2024 17:02:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 97ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je3960&_p=1341600175&cid=885750579.1694364138&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&ngs=1&_s=1&sid=1694364138&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
484 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.0439554512500763&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98b9eb5254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98c9ef5254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.0439554512500763&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98c9f25254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98c9f45254-MXP

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1341600175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=105694605&gjid=1748302019&cid=885750579.1694364138&tid=UA-119779859-1&_gid=257185379.1694364138&_r=1&gtm=457e3960&jsscut=1&z=702278134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.0439554512500763&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98fa405254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98fa425254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.19488632082939147&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f98fa465254-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f991a635254-MXP

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 100ms
22ms Script
text/javascript 2600:9000:2250:d200:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Sun, 10 Sep 2023 03:41:04 GMT
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 46875
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: mLM2-pwl4tGl_iJ7F9HLV2iRc3EXmVp9uUEsrrTrOUyv8gVTd44dMQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 97ms
35ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:42:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 100ms
27ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:15:10 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50291
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: knHwbGfLn_HMjRg5V6CjhQjReOzoneUH-gejPk2qj658GrgFAEe9LA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 86ms
35ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: QGK8SMZH6CW1XV94
age: 3472
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80491f99ae631983-FRA
x-amz-id-2: CtQOwrw2qCKRRr2wWfTf7TPyHxsGfoR+CNXaf7vd6zVpOSFFb3BbMklc2ijsSGxMpbZgXatTj/n40QTSRmRylQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 77ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14286
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWHiuVmkMDff8qztJr1Z6Rzen735nP8SWP2ImKsacds%2FuYBFJIbJTZmcpNdDu2dnQjfS3FD3tQrjsRYMduN3ZgvxWhLcmeW5DCAe59%2BGxBztjEXKJFoQX3Wxq%2FC8RbcXIlWjPZdRDW8wA%2BlyTxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80491f99aa875237-MXP

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 78ms
36ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 0c76cd9264703ecf44a2385a3bfc0da6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 168 KB
48 KB 676ms
675ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=3689304457442272&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138427&lmt=1694356938&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D86&adks=79733870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

026e963bdb72e24515e5acee4da611ca28b8bbd76eaba14cc09cfdf53350427b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49303
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 574ms
573ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=92491711842340&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138438&lmt=1694356938&adxs=245&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D86&adks=583070209&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caff76e501851169fc9296295fb203cefa5a6dfd00131a26701f8654305e6809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9765
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
44 KB 489ms
488ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=2044066004524203&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138443&lmt=1694356938&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D86&adks=4139417846&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

351b84903f287454115f3a36aa81e929627d46a2446a557735276695aed45eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44875
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C58 6 KB
3 KB 126ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 38 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d12a9bf1fe15f8267e78800c4d420cd2012119edce1c7a2734de411fbe4c336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 12:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15208
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13603
x-xss-protection: 0
server: cafe
etag: 10298091897263888815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Sep 2024 12:28:50 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=0.14708815813064577&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f997ada5254-MXP

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 36ms
36ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H6RG2MPY6RXJSSCBB6XQAQ1T
date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1107179
etag: W/"624a705ce1b65875ce70f98cfa74b907-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80491f9979b94bdd-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 385ms
385ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=2273745428180327&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbeac2f13-96f1-49f2-bb26-529dae41904b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138463&lmt=1694356938&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D86&adks=1966749552&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a5c1f40e90f89b3a0a241bacf8cc84489cac883da0b6589d0159c7418306059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14774
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 550ms
549ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=1729962491345498&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd3859ca8-d6e5-48de-9b11-eff7c2804e8e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138470&lmt=1694356938&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D86&adks=3992249615&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b71ac19b107aff17703a21c210c1376a16cce3ad090ee2700e35b9da829f27fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9710
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 310ms
310ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4070046320069164&correlator=1930642293925918&eid=31077099%2C31076770%2C31068366%2C20222282&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694364138477&lmt=1694356938&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=885750579.1694364138&ga_sid=1694364138&ga_hid=1341600175&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPfj_6cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi49-P_pzFIAFICCGQSGQoKcHViY2lkLm9yZxi49-P_pzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPfj_6cxSABSAghkEhcKCHJ0YmhvdXNlGLj34_-nMUgAUgIIZBIZCgp1aWRhcGkuY29tGLf34_-nMUgAUgIIZA..&dlt=1694364137960&idt=435&prev_scp=ti%3D344da3e3-08bd-49f0-89aa-30127ce8acc7%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D86&adks=2218721101&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

005c757cf592f5273ed6bb107619c0f49c1357a44f3f58cbda38a1a25a7a748a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 90ms
27ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file-upload.in
date: Sun, 10 Sep 2023 16:42:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 20F1 15 KB
6 KB 90ms
28ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 296142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 233 B
694 B 186ms
72ms XHR
application/json 52.209.147.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 63ade8e246ec50eb291456738bf069caba9be846a90e67c8a1ac7e081161d52b

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache
x-server: 10.45.27.108
access-control-allow-credentials: true
content-length: 233
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 20F1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jtWlA3xzTjRseVJsZUYyNVlseXZhbFdtQmh3R0kySTZoYXg0WTQ1TElDWkZUZWhRUlpYcVhoMlNSVXFkMDJEenJwMDVYUGFSSFV1L1U2WmZTTkNka21HYU0rNkhOdUkrb242UnlFVk5BbWpPU3VYRklaRFlvQmFBRFhqTF...

419 B
646 B

112ms
35ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jtWlA3xzTjRseVJsZUYyNVlseXZhbFdtQmh3R0kySTZoYXg0WTQ1TElDWkZUZWhRUlpYcVhoMlNSVXFkMDJEenJwMDVYUGFSSFV1L1U2WmZTTkNka21HYU0rNkhOdUkrb242UnlFVk5BbWpPU3VYRklaRFlvQmFBRFhqTFphRG41OHNET1REamFENHNKaitCTCtXWHlNd2VjSGFIdlR4blZSQnpUanVFTm1ET0gxS2tSRE5WLzRLNjFLOEtmR2plK1dXK1NEeDcrRGw1MWxQbnhsby93NDc4dUQxS2wzWkdvdFlHMnJ5dlA2NXcyMDVUNW9sbk82emU0N1VXaWJWSkhSOFZlVnhtajZJVUpMa0paMEpqRUNDeklSUT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e18cbf5a21eb9a082b6b5ee8fbeb22755e76eac1075e08e9343cc7994c7c9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1533030
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jtWlA3xzTjRseVJsZUYyNVlseXZhbFdtQmh3R0kySTZoYXg0WTQ1TElDWkZUZWhRUlpYcVhoMlNSVXFkMDJEenJwMDVYUGFSSFV1L1U2WmZTTkNka21HYU0rNkhOdUkrb242UnlFVk5BbWpPU3VYRklaRFlvQmFBRFhqTFphRG41OHNET1REamFENHNKaitCTCtXWHlNd2VjSGFIdlR4blZSQnpUanVFTm1ET0gxS2tSRE5WLzRLNjFLOEtmR2plK1dXK1NEeDcrRGw1MWxQbnhsby93NDc4dUQxS2wzWkdvdFlHMnJ5dlA2NXcyMDVUNW9sbk82emU0N1VXaWJWSkhSOFZlVnhtajZJVUpMa0paMEpqRUNDeklSUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260770
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 121ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad552615bf05c0e468563016450b01b7439de8fc6bdb0a018f743b1cc25266a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11722
x-xss-protection: 0

GET
H2 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55FB 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&pud=157&pus=c&pue=377&pid=35&pis=c&pie=412&ppd=97&pps=a&ppe=474&pcl=486&ttc=647&tti=1071&ttif=0&lca=474&lcak=ppe&lct=474&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9badc35254-MXP

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 121ms
46ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3B95 478 B
779 B 117ms
62ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNUM5Apu7Q9O-Thhp-nWgtPkoeN4R59HZ0Jjhgr7S9iT-lantps-hSwnO4lD2QupEx4Ki6McI_dD6sHRjxd79nfxgcKNng

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Sun, 10 Sep 2023 16:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55FB 86 KB
29 KB 162ms
116ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55FB 42 B
63 B 174ms
128ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLc9VNh1MGBrAxjHwhYGogcwesShwqBUVskgNLeYsRoYs5XlyQcAuif2NIwMOYH503RjDyINH8lNdFVaN1NU4f1KEUuthNsZbATQtho6UcPJZCzrs

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55FB 0
20 B 174ms
129ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1184866595718950926&x=1&ct=76

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 55FB 3 KB
1 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 16:09:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 55FB 20 KB
8 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55FB 181 KB
57 KB 103ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame D458 222 KB
62 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 19:22:21 GMT
age: 422397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D458 15 KB
5 KB 122ms
69ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Sep 2023 10:00:11 GMT
age: 369727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D458 94 KB
28 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 05:50:45 GMT
age: 471093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D458 5 KB
2 KB 138ms
85ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 16:22:50 GMT
age: 433168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D458 40 KB
13 KB 139ms
87ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 10:05:13 GMT
age: 455825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 10:05:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D458 18 KB
2 KB 83ms
31ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 16:42:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:42:18 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D458 2 KB
3 KB 34ms
25ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:23:51 GMT
x-content-type-options: nosniff
server: cafe
age: 37107
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 11 Sep 2023 06:23:51 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D458 295 B
424 B 33ms
24ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:23:51 GMT
x-content-type-options: nosniff
server: cafe
age: 37107
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 11 Sep 2023 06:23:51 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9c1e625254-MXP

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15584975635137575325/ Frame D458 6 KB
7 KB 62ms
58ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15584975635137575325/14763004658117789537?w=195&h=102

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb0a8172346373e34c8af7894dbddcc9e71cb582d12637550b408e5ed4402f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6329
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:31:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Sep 2024 16:42:18 GMT

GET
DATA 200
OK truncated
/ Frame D458 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D458 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D458 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7debf4adc50442cc27c775791a12a0d0866c7ebaf185823651f18232275ae95

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8174 13 KB
5 KB 36ms
33ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:24:32 GMT
expires: Mon, 09 Sep 2024 16:24:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6491 829 B
1 KB 108ms
32ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a56a5a3819fc67f6d6f884075093c52b3132047a845e91c438f79802453cc2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JnONS9lwJfOpCkjk433GMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-JnONS9lwJfOpCkjk433GMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
expires: Sun, 10 Sep 2023 16:42:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7094 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 41ms
41ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:18 GMT
cf-cache-status: HIT
age: 1957114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9cbf355254-MXP

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3B95 170 B
243 B 125ms
37ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNUM5Apu7Q9O-Thhp-nWgtPkoeN4R59HZ0Jjhgr7S9iT-lantps-hSwnO4lD2QupEx4Ki6McI_dD6sHRjxd79nfxgcKNng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3B95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1

43 B
337 B

44ms
40ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNUM5Apu7Q9O-Thhp-nWgtPkoeN4R59HZ0Jjhgr7S9iT-lantps-hSwnO4lD2QupEx4Ki6McI_dD6sHRjxd79nfxgcKNng
Protocol: H2
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg6Y36GhEi7WabX3L8eQeBMESUHXyQXdQVjT%2F66%2B1YNT3DEwYSnlxyxFXMAprWk95UmnLbMHkoeJI7xeGOBZuPu3WRxx6KG41Z11hg8uBE1xv2cFm3w3mmzijnSLsMABWAPINoj0GqxpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80491f9e192501e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3B95
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP3x6.29sfMDigABrAlgyAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2

43 B
734 B

55ms
54ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNUM5Apu7Q9O-Thhp-nWgtPkoeN4R59HZ0Jjhgr7S9iT-lantps-hSwnO4lD2QupEx4Ki6McI_dD6sHRjxd79nfxgcKNng
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvEl%2BWwl3ykEIS%2BImACqQjbaxtFEpe8I7g7NT3wSCdNvQaWM47aVOpXQWxIeO1mMP4yT%2B7B%2Bjnbx2l4oPyXE5Blo5n47qRb7LwY857gUPijNzgDsghFjWQEcDnN6l4DP8AWKkEqgZ4Hb8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80491f9ffa97020d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D458 16 KB
16 KB 93ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 137230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 02:35:09 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D458 33 KB
33 KB 98ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 128298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H3 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE89 6 KB
3 KB 26ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 40ms
40ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: HIT
age: 1957115
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9d4fcf5254-MXP

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 14E0 478 B
344 B 63ms
62ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYx4-n3QEwAQ&v=APEucNWReXZStIOaAlGehcQTN5zaaH4pTHOJ8FTdxAluRQPiOuK5OTp_t_UACH2ycQQezXy4LebhKu-Xc8mHjwwXfxv9SSrLng

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
expires: Sun, 10 Sep 2023 16:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7094 172 KB
61 KB 110ms
30ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Origin: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 7094 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 15:19:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 7094 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 14:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 14:12:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7094 41 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7094 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 16:24:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7094 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:21 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7094 42 B
63 B 122ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHJJaBI7hzb3NFvXmnvsvBXVBP_rHjhtaBbG8gIlNX8WausBsIYtGdXVyWMsbM77_bodm2ULiDu-Wn8d3AqlOZyICVXkEetPXzX5Y22C098VzjF6c

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7094 181 KB
57 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E784 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=1&r=file-upload.in_fluid_all_fluidallshapes&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: HIT
age: 1957115
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9d88155254-MXP

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55FB 0
20 B 124ms
123ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2875322859290&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55FB 0
20 B 127ms
126ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2875322859290&version=m202307240101&ct=76&x=1&cor=1184866595718951000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 55FB 99 KB
38 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwKziJsIoGvBr4HcPGMOIlVcaM25IbW4wXuI2PyrdoLQdw9UgNmFjpRF7ZydSRfgYmERNShfXdlpKMF2oEmFDFaqmGgk1kAGt4el_R5aRDW5Y02UM&cry=1&dbm_d=AKAmf-AyeUsw0KN5wP1iSQ92Wgf3DanKWFoLqFKMooEEjfSd6BFI_W3SuWiERUVcHndzZ2CBOblIKBNjQogz5iACBuRNbam51V77fa7_02a298Vr7sr5GjCKOOl4ZRQWOBWFuKYVNU5P5T2NmBcwwM4QLdwSuXxQVFXqitYGRF5q-UrhBdxTFq3VncQDDsRmXHEnOqEDA0uiO2HfX1TI_suHfaB6XCtA_bXf0pY6tSuQBO4mSOLtvQB9h0Jlxsy2wsNqcjZrPB1Amzqf-Fi8xUFdkhDEE1WwiKL16BD1AJwTw00QrgUo2wuphHRJbbg0D3mJKyaW5nJq8T9GIs5AAp4M9MFoANvQ5UocLeN-CAJP9R1TYMt65hRpYdMMBDk2xkNWgykHDieNGZPBiRxC2QhuyT8NUJ8NQ9rix7zlc6y-yKeoCtTsYItZY3jCJ3RKaNk5LVYHTcMSbsT-T4_7_VklxIUSJApc5eb-zpcwBE6KBlWmtzDWM8Pg7JpCJJyh50K7UELeSvQoC8U5VJhL_Jg3xIWsPOx5gXClxYLxJKS9OjALSDW5DKA_svd_IOIKoInck2J7Iez1dG22UNrGIWh4mg1tQ_zjHOajxjzsof-1COUkvYinjAm7jFd3qgEAbKOVZNKJNyGAuLnMopSlxbgHP_gED-nPo95hJP58_thyBqJM-WIY1RBnDydYyRwR2Q0RE26TNmXg5z6XhMwK1dy3Q20A8ZNbG-IQnWpkS68IbHwATDngptPyJnvpJGzqtjrkFM68BAOdx2SQt62YRJpJcvolVbqElmZbPTWUJyyflFMuvqqOo7n_W9-7cOwVERb46i22zU3L-fttxDjWI--Cq3bv57EWwsGsWXo3sCvh6zUFW10dbwGi9QM5huhBKsEIaLFUKmnu1CTN8zmLYwFbJjhjo9rzxBo6H493euP-acLI3PHWpYLfxJRHv9HOenJKuYCS9KuTzrXCVHlGnEz0tatShGcaOikrNEDpOQH4wGfbObLo3MT5vDbtcvDipAEZHx6tmEUtQ2AwEV1KxF_-rrHmDls3slnl3iexMVCK2MziZ2zS9h8oTHhSCqukUHwdBJKKfxivJOZqHDeDtmJvGnzj6PRwVjx2N-0uMNEitllHQtk_FCOnT5rwzr4V9S3SsgvzPYcn62D86gvyqmoXg5M6Z1X0teITmb88-7mPy7KJFoCZ-kSfJyA39FhrGexRJhS5NHAU5n0uOA8LenON7CSHkdHHAm7Oys0b2LEccATziLzVUyj14Xt9keYPVJmqocvf6n6HNDJgrIyqN92BOAC4j_YTmczQkbmaFFKZeWE4IXSCr_7B6kxqxcBq1At8iDjxq4GpE9wx15dsdWx2-Uun84wQIHNGNGw-ZVqVTxMYezBNu-N6sxz3iTeyvG02Lla_8TTqTVzdEjaQnAdDC3S0ru8V0yUEIfi6Cx49zzQJzgYR4kChFZK9HA4N9LvBzgoosoclBRiGJ4ECHqQ0KVnjBYCBMnVXFrSomABdWXW0SJYhMpO9FpcTcuETIlybD2vmsgB6AGmveE50ZGoejXR3A37Dl_FN7doTk3iOzjTMZ1TTI6mWob4hvUizX96Y8Y3hg-_Q73KiHU5BzGS_nV5jFFfTSUfMjhq4hbM_EW1lLeap--1SMb9FuaJEklJ61lT1Kwc-Ea9Do_YXCg9jxy19vM3hmqgrk12sTR4ShQguNRqSz6G99UJ9_rfCEryzTVpoyPlw07p5mLR2nC-P31w0mhWXFqebPzu4_wgmXZxlHVTsdXEpe0QuOOhRn1TyDi18LuYUyicgqb3I_P_v8gq23MEE5X9raBZPb2Q79p7IqqW-8IrPneo7-Jx5I0xnMBZ-sAqv5MdE6tqiUcXaCEQGsUqZeMxqXVgQyu3xR0V8fioYeOBwfgvcvTBDv2gICoyzWCGNl-i47e5CLNA1BiSetLaTEogHmAp8pOqeI-La4vsreP1LO4ZzxVt_d7StXhGkAPCLbzuN1WEjOa8ppkudNbDzuWUjYvJE6fQDJNPOj6lgzcLUKWNAT-Btqb7qyoUKtiobzOnVAgnEFph7QWUjuL5isAnmA-XzkOnmMIzMkFZePX1eb-Pev9MxChLFiThUUnwv9Fd7wXNJfNqBrxSDpf3bpMmm6Aw0qmGmfV0daKinJGM2pHyPvPFz88_BX6Xe86KInUrH6-ge1p_njS83izGj32hXOjbblI7JjcxSdspYXC5XPQ03JD1MpM3tAl8BcSlOkpN7fupPhkV0xB3yi1maFJxjZtN5XlwTbVOnaPksgdblRcKR9C6cKIpaQexbUgmlQs6y1koN0zjkJuTnCvPAHbW0ylkFA-ydxu5k8I4vL_3_PnIklI0gZDS1ShArKgOOYAOF0sA-tT9_FKfptGRXJQsOM-lw9HXg51vxAejQE9cpJhOafN9Nb7O8XfIEWX67P4NatKTMVtdJPB8dgbE9fSphQ8SG0Wz9GIjKVvsgHG9ilrdjdAbUkigA-cCrNvYqqBCvLIM8lAjKvimHIIXDpOMDXp8ERGlz5LD1-xbw--wvTaM1Nzcu5yPdTOUb_GTHokLmrI-569a53k2mlxpAkf_ZzmHIN4WBIYmGwbEc2ACYZdFxALQL8QOwj0ncoXRHpfxCljXxD5eKyqY6jVMuwMwsY76HQE08hK7Aadq0Q9ew79ypJX3ZshZc3Ms_Im_3F_t4E5ZQRJm0i9aQTqD0tDV4UE5G_uKuCOROqpTeO59D_WzqfPNqroolOp1dgK6pCEwB-ugxbGPZZJ0KC6iPNs4huJxSwH4wqtdUdr2h-W0GyDJ_STVTfBTusI1vmGkoTy06hkCLDTNOODUW4vWAmZU2hGoMcYS4-j4Q165etA2Amt3b9CAJs69HbhLVgOhjM6rksQMCEtHBWO3As9QYKauQs26_HuSS2iZyGl7j5eHIcaOKGVoZkNuxxWTAfcMGQjIeZtmHkMIyou4Duj6hf2zvg1SLfQnqs2b9pxsgDs05kpdbif3H0vLLlozD7FBhI5T0eV0c5h2v-pVFsSX7XgcfbZLq_aMbL8u9ArkN3lMEKymEDhZpYqFXfAai29TFHzH04aywmdTjjMaBmgRCdS0WGdK3KuEXFJlLKlwCNcjRJ7lulKm0TjvAjScKsfouZi3Dm9rfAssD8bXVXSeVvE8VvKGMn0-_aLOeZuLxo8eh05FAtmDNhxnIAzJS6YD9h_mTjJXjhp07d_8MMnyDw5vJYRf6qpuAtoqz53Ouykrs2BrHmf-OdLFwJnslGNhDiBFDvskyuPEa2v4qh6ogcG6BtgnBJixZCCUQBpcHVTCHmGEm5TrtGgluVSelRb4QcTRY8pd763iHK0UDPry8K7qRreSceGv27O-2qoMSpUb_hOiwe0nUxnz9TRbhrGNIpeK_nxmFacW-jWCnDI1rg2jaPOX2h0LzLQQ51hnTEpWce7GSqJB-qaUQ7adjierGZ4Q-vnMxHal3Y2-VlJshBjglKDNkys7bARVfsNZ8yhs&cid=CAQSTABpAlJWRJR3XoO3S6v6wD-PaQL9Pw0tjZv5IQA0idaXemiKCu58QfdGHcVaDTsFQ1oDvVhblcF5B3giREpS4YaECHnQbr02XcZypyoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=1184866595718951000&adk=2923430907&idt=165&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6014d4eb8432bc75fce7072a92ec06c2e1c2d80cf505fc1f7264ad40298723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 14E0 170 B
232 B 34ms
33ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYx4-n3QEwAQ&v=APEucNWReXZStIOaAlGehcQTN5zaaH4pTHOJ8FTdxAluRQPiOuK5OTp_t_UACH2ycQQezXy4LebhKu-Xc8mHjwwXfxv9SSrLng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 14E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1

43 B
728 B

46ms
45ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYx4-n3QEwAQ&v=APEucNWReXZStIOaAlGehcQTN5zaaH4pTHOJ8FTdxAluRQPiOuK5OTp_t_UACH2ycQQezXy4LebhKu-Xc8mHjwwXfxv9SSrLng
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCX29ByDPD3YDP7lZz0OQmYtsNJgpjAThzLKOrEXzhpB0Zq82UuxErnrcG0RfaIokNNUuaEKUDwDMA3x86cLUPvATAWgg8ouorf4FP2EeQGUG3yJjvaeGQMYsrhBLZXBzQdHRyOtfcR6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80491f9ec96c020d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 14E0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP3x6.29sfMDigABrAlgyAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2

43 B
736 B

41ms
40ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYx4-n3QEwAQ&v=APEucNWReXZStIOaAlGehcQTN5zaaH4pTHOJ8FTdxAluRQPiOuK5OTp_t_UACH2ycQQezXy4LebhKu-Xc8mHjwwXfxv9SSrLng
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbgQF6VGr9RagSpfviNW3lwXdxaX%2BHT12MSW%2FY2McO1kRaloQXQmvG2J6fOxVhDT%2BLxwTWNLkguZtGdqYN13Yqg1EsSaFx24La1WYCU%2FFhIgE%2FyL81xwSJB0RviScHwzrJ2SExGybQ7KKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80491fa0bb46020d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyxrtscK5H62C3BbQjJJWg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 664B 611 B
263 B 97ms
91ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVHVRxxnrJhXqDgc17oM2CKvZfiuKJ79Kr6kGjlQawdTn82BN_KPUvQ-9TyKLrrh_zOx1uESxWtQOpjCRYXMEwvdFFuEg

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CE89 86 KB
29 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE89 42 B
63 B 123ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1aM_F_844SC0Qx9mn4UDTlP-uDNoHeLe4gcWDmd3HGi1egtZVMv_jG_dDS0ZNHND2cPk4TrgWZCvPsXRFXFB8Kwe7l6C3V5WBRc-YphAZ0YGdmfI

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE89 0
20 B 123ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15994746715406537162&x=1&ct=76

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CE89 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 16:24:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CE89 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE89 181 KB
57 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8174 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 container.html Show response
25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BB0 6 KB
3 KB 24ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:18 GMT
expires: Mon, 09 Sep 2024 16:42:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 35ms
34ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=6.62&b=1&r=file-upload.in_auto_interstitial_desktop&sy=9b005ed2-4750-4e8d-9454-73c8d54c4d20&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=344da3e3-08bd-49f0-89aa-30127ce8acc7&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Sun, 10 Sep 2023 16:42:19 GMT
cf-cache-status: HIT
age: 1957115
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80491f9e898c5254-MXP

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B109 611 B
263 B 67ms
66ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYzo6n3QEwAQ&v=APEucNVRGyCUc9VFTXB_qQCnIctHurEz3yMWpf0agytLcpuKQI4J97vKXB28vs2IObQujiqj70VOR1uwbPwMGUBsd21fVkCvcw

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E784 86 KB
29 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E784 42 B
63 B 124ms
123ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSlZBxxfqgwkTDpF5l9MtA6OV8ogRjGEnJ1TvBTxUxwXEfOvfaLqlM1Of9qyufXQXP1STYXOgfHisCMQUPUHABCzRLsdoP4ErjuyZDPzEjsWqn3zI

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E784 0
20 B 124ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2071278019984008487&x=1&ct=76

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E784 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 16:24:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E784 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E784 181 KB
57 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 55FB 172 KB
60 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Origin: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 55FB 11 KB
4 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwKziJsIoGvBr4HcPGMOIlVcaM25IbW4wXuI2PyrdoLQdw9UgNmFjpRF7ZydSRfgYmERNShfXdlpKMF2oEmFDFaqmGgk1kAGt4el_R5aRDW5Y02UM&cry=1&dbm_d=AKAmf-AyeUsw0KN5wP1iSQ92Wgf3DanKWFoLqFKMooEEjfSd6BFI_W3SuWiERUVcHndzZ2CBOblIKBNjQogz5iACBuRNbam51V77fa7_02a298Vr7sr5GjCKOOl4ZRQWOBWFuKYVNU5P5T2NmBcwwM4QLdwSuXxQVFXqitYGRF5q-UrhBdxTFq3VncQDDsRmXHEnOqEDA0uiO2HfX1TI_suHfaB6XCtA_bXf0pY6tSuQBO4mSOLtvQB9h0Jlxsy2wsNqcjZrPB1Amzqf-Fi8xUFdkhDEE1WwiKL16BD1AJwTw00QrgUo2wuphHRJbbg0D3mJKyaW5nJq8T9GIs5AAp4M9MFoANvQ5UocLeN-CAJP9R1TYMt65hRpYdMMBDk2xkNWgykHDieNGZPBiRxC2QhuyT8NUJ8NQ9rix7zlc6y-yKeoCtTsYItZY3jCJ3RKaNk5LVYHTcMSbsT-T4_7_VklxIUSJApc5eb-zpcwBE6KBlWmtzDWM8Pg7JpCJJyh50K7UELeSvQoC8U5VJhL_Jg3xIWsPOx5gXClxYLxJKS9OjALSDW5DKA_svd_IOIKoInck2J7Iez1dG22UNrGIWh4mg1tQ_zjHOajxjzsof-1COUkvYinjAm7jFd3qgEAbKOVZNKJNyGAuLnMopSlxbgHP_gED-nPo95hJP58_thyBqJM-WIY1RBnDydYyRwR2Q0RE26TNmXg5z6XhMwK1dy3Q20A8ZNbG-IQnWpkS68IbHwATDngptPyJnvpJGzqtjrkFM68BAOdx2SQt62YRJpJcvolVbqElmZbPTWUJyyflFMuvqqOo7n_W9-7cOwVERb46i22zU3L-fttxDjWI--Cq3bv57EWwsGsWXo3sCvh6zUFW10dbwGi9QM5huhBKsEIaLFUKmnu1CTN8zmLYwFbJjhjo9rzxBo6H493euP-acLI3PHWpYLfxJRHv9HOenJKuYCS9KuTzrXCVHlGnEz0tatShGcaOikrNEDpOQH4wGfbObLo3MT5vDbtcvDipAEZHx6tmEUtQ2AwEV1KxF_-rrHmDls3slnl3iexMVCK2MziZ2zS9h8oTHhSCqukUHwdBJKKfxivJOZqHDeDtmJvGnzj6PRwVjx2N-0uMNEitllHQtk_FCOnT5rwzr4V9S3SsgvzPYcn62D86gvyqmoXg5M6Z1X0teITmb88-7mPy7KJFoCZ-kSfJyA39FhrGexRJhS5NHAU5n0uOA8LenON7CSHkdHHAm7Oys0b2LEccATziLzVUyj14Xt9keYPVJmqocvf6n6HNDJgrIyqN92BOAC4j_YTmczQkbmaFFKZeWE4IXSCr_7B6kxqxcBq1At8iDjxq4GpE9wx15dsdWx2-Uun84wQIHNGNGw-ZVqVTxMYezBNu-N6sxz3iTeyvG02Lla_8TTqTVzdEjaQnAdDC3S0ru8V0yUEIfi6Cx49zzQJzgYR4kChFZK9HA4N9LvBzgoosoclBRiGJ4ECHqQ0KVnjBYCBMnVXFrSomABdWXW0SJYhMpO9FpcTcuETIlybD2vmsgB6AGmveE50ZGoejXR3A37Dl_FN7doTk3iOzjTMZ1TTI6mWob4hvUizX96Y8Y3hg-_Q73KiHU5BzGS_nV5jFFfTSUfMjhq4hbM_EW1lLeap--1SMb9FuaJEklJ61lT1Kwc-Ea9Do_YXCg9jxy19vM3hmqgrk12sTR4ShQguNRqSz6G99UJ9_rfCEryzTVpoyPlw07p5mLR2nC-P31w0mhWXFqebPzu4_wgmXZxlHVTsdXEpe0QuOOhRn1TyDi18LuYUyicgqb3I_P_v8gq23MEE5X9raBZPb2Q79p7IqqW-8IrPneo7-Jx5I0xnMBZ-sAqv5MdE6tqiUcXaCEQGsUqZeMxqXVgQyu3xR0V8fioYeOBwfgvcvTBDv2gICoyzWCGNl-i47e5CLNA1BiSetLaTEogHmAp8pOqeI-La4vsreP1LO4ZzxVt_d7StXhGkAPCLbzuN1WEjOa8ppkudNbDzuWUjYvJE6fQDJNPOj6lgzcLUKWNAT-Btqb7qyoUKtiobzOnVAgnEFph7QWUjuL5isAnmA-XzkOnmMIzMkFZePX1eb-Pev9MxChLFiThUUnwv9Fd7wXNJfNqBrxSDpf3bpMmm6Aw0qmGmfV0daKinJGM2pHyPvPFz88_BX6Xe86KInUrH6-ge1p_njS83izGj32hXOjbblI7JjcxSdspYXC5XPQ03JD1MpM3tAl8BcSlOkpN7fupPhkV0xB3yi1maFJxjZtN5XlwTbVOnaPksgdblRcKR9C6cKIpaQexbUgmlQs6y1koN0zjkJuTnCvPAHbW0ylkFA-ydxu5k8I4vL_3_PnIklI0gZDS1ShArKgOOYAOF0sA-tT9_FKfptGRXJQsOM-lw9HXg51vxAejQE9cpJhOafN9Nb7O8XfIEWX67P4NatKTMVtdJPB8dgbE9fSphQ8SG0Wz9GIjKVvsgHG9ilrdjdAbUkigA-cCrNvYqqBCvLIM8lAjKvimHIIXDpOMDXp8ERGlz5LD1-xbw--wvTaM1Nzcu5yPdTOUb_GTHokLmrI-569a53k2mlxpAkf_ZzmHIN4WBIYmGwbEc2ACYZdFxALQL8QOwj0ncoXRHpfxCljXxD5eKyqY6jVMuwMwsY76HQE08hK7Aadq0Q9ew79ypJX3ZshZc3Ms_Im_3F_t4E5ZQRJm0i9aQTqD0tDV4UE5G_uKuCOROqpTeO59D_WzqfPNqroolOp1dgK6pCEwB-ugxbGPZZJ0KC6iPNs4huJxSwH4wqtdUdr2h-W0GyDJ_STVTfBTusI1vmGkoTy06hkCLDTNOODUW4vWAmZU2hGoMcYS4-j4Q165etA2Amt3b9CAJs69HbhLVgOhjM6rksQMCEtHBWO3As9QYKauQs26_HuSS2iZyGl7j5eHIcaOKGVoZkNuxxWTAfcMGQjIeZtmHkMIyou4Duj6hf2zvg1SLfQnqs2b9pxsgDs05kpdbif3H0vLLlozD7FBhI5T0eV0c5h2v-pVFsSX7XgcfbZLq_aMbL8u9ArkN3lMEKymEDhZpYqFXfAai29TFHzH04aywmdTjjMaBmgRCdS0WGdK3KuEXFJlLKlwCNcjRJ7lulKm0TjvAjScKsfouZi3Dm9rfAssD8bXVXSeVvE8VvKGMn0-_aLOeZuLxo8eh05FAtmDNhxnIAzJS6YD9h_mTjJXjhp07d_8MMnyDw5vJYRf6qpuAtoqz53Ouykrs2BrHmf-OdLFwJnslGNhDiBFDvskyuPEa2v4qh6ogcG6BtgnBJixZCCUQBpcHVTCHmGEm5TrtGgluVSelRb4QcTRY8pd763iHK0UDPry8K7qRreSceGv27O-2qoMSpUb_hOiwe0nUxnz9TRbhrGNIpeK_nxmFacW-jWCnDI1rg2jaPOX2h0LzLQQ51hnTEpWce7GSqJB-qaUQ7adjierGZ4Q-vnMxHal3Y2-VlJshBjglKDNkys7bARVfsNZ8yhs&cid=CAQSTABpAlJWRJR3XoO3S6v6wD-PaQL9Pw0tjZv5IQA0idaXemiKCu58QfdGHcVaDTsFQ1oDvVhblcF5B3giREpS4YaECHnQbr02XcZypyoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=1184866595718951000&adk=2923430907&idt=165&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 55FB 30 KB
11 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 55FB 41 KB
13 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6491 0
0 186ms
174ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=4070046320069164&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2702496870353076224/ Frame 33C0 18 KB
4 KB 124ms
74ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

571768a589db77a865fa04ab853fd707fb5e6ae4af0bcc00df81bd2d77a74d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
expires: Mon, 09 Sep 2024 16:42:19 GMT
last-modified: Mon, 21 Nov 2022 07:31:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7094 0
0 183ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVTT98KHg1cq8VXXlPkLSRQq9WQG3jX_jye8WHZ78-zjY89A_MmfqtrjxM7CRRMV1t9hOs6_dsBoACLjdtLmX5kOqvexwn8D-E9Mu7OWIWBy6xHNid5M3nM1auUNVI7QxWaIxRZaVWlQFcTylZqIBGuBJvnl6WZCWRWyW8lbUAxX09JiQgmkjoygZ4SenZhcsV3LDSJ7teAb_5OPoQ0heETDWBCNfYlcgjpKEqY9f70CFhdvuslSF-tRO_-H7aG8W8coNDm_0WH6a2IHHuxmCQTENc6Ha16889rlnfnyFOigTxk0rrClIPp4RNN7W_2uO13WTOBrVyEqRgHDhHensqhno2sysM0yyLRti_1otvFL_Ut9_2X1oJbOxcrkG--25_M_mDXX9jVE4Rl--4GrFangSAcBCX_E79RTvXgngVUOoK3OTF0AV6sLnl_w9W3zOGpcCBZfx3qOGuPw2qieQenhQQ8EoF0YRCwaG5D7RqdsCsdeurKvA70bhaj0SKZK5LnqioYUO6vb3QOsyQm8H3bo_I4B4MqcE3KRV8BHYhmYMkOqHChl-zHHJO5aqcqlWeqqxQGb4QtmpzHaN9LpgHkx3Riq72K41JCHzPtgn_3jE5FZaHmBISQXv8ivED3_820sasHM5acQx5mTRcfm4fJcppaPvUuYMPJabGP0SSO0akwfS-GX4c1_MpOzVJKtlOohJUz1LHZLRKRAer2O4rrbm1a2AHPt06T_g2XeJORSlgVjNQ87PqVEa8WLu1kT1Rzh91okT-R6cOJWPbiuIlKS3BWWwO5dsUt-gD5ecVf5GzE07apOw4-Cb7TxnWUu5stApl5AmZzMcZDD1Hf6xzCZ3-4Y3aTu0CI0o09VOZUqt14pXztsg7uvWS8DJlU9SFVyAb-VnezceTDMdkyFkX8k6pNm7q7htHwdCXZS1TQiS3s8bNvabKCIb5DKSaqgbfEoJ4q3nWrsZpxseoVVJzPy2YPLZ6w-VRFqoWJmPbg0VKFIlczBZTLd2eg9663xgmFCDXT-rsmVFs8A-B_KSPW0ADYgX6Ry2HayyClLj9bXgEZAo5uV-1NjZ4q1gtklW1S7TmmHGAOw1dKuUiMknn1Klxodm81J6h_Dajrx32UvdeiPGZRHuN3K37Xh_kiqGMw_rLzLrP2UQYd8yjYYDBKcrZa0Ki-L5ovB0qKBHAcPxh7Orlxv5KBt7j9W6PWmvdJ30E3vnJFJS3JHZXBF6c99rTuYa0Z3P_5xUAKdCdig6NYe-zv7SrixozoV3cj7fnR_iISUfPQlgWgK31ZNOq6GaSD60Yg4D7FSCKN9E-9Nk&sai=AMfl-YTcZMVt9bw5AIR-rybK_c2DVM57iVF-s6rJjiDirLnZgFK7OD8U9-VLfeM4JFX6e-gLsAuNi-x49s1J_CBtt1SngFxo-UgN-G-Tul69b__bJWgXbQ7kc13V0U6Xyz-MYI4p9oqO_Mv1XutGR9DoAFaaFZnt5f5V0tnWcqeNXNCh8Y7VGASmsdIabNoateyYxPc6nKqw5u18YFH6ZLIvUymp7-p_jkF8STp2f7F_HPCYq-XXNsN3hVfCXpRDFe6guvpFD6cAy0uGbvrAQEmayXs_JB-dYdbRAhndgQMTBIJLjg2ssXAKWg9E3whZKD6pJMGlGedEzE6-3EyyiCXAAG_D1eRx6fl5txFcZ9cJU-oXKK2QRxcHaRHU1dazqRrhaW7duqbMNmspN7vsLmIbHSALgTfIgdF9MVNKvs5S1owLOMAMIBBK4Cu88CNth9jZeNnh3JmDTpEbZWImZQnLlRdq5Pk7dfjfkg&sig=Cg0ArKJSzPd0ZjPHix5jEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&cbvp=1&cstd=303&cisv=r20230906.23768&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
DATA 200
OK truncated
/ Frame 55FB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa6a3aca42fc25f7f1b0f6157ca7fe231d3e52bfabcf4f794bdaffd53279215

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 3BB0 4 KB
767 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 16:40:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E7B2 6 KB
779 B 80ms
80ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 15:15:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E7B2 2 KB
892 B 65ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:18:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame E7B2 23 KB
9 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:18:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E7B2 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 16:24:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E7B2 20 KB
8 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7B2 181 KB
57 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame E7B2 36 KB
15 KB 113ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 15:57:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 3BB0 20 KB
8 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 14:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 14:08:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3BB0 205 B
519 B 113ms
27ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:30:10 GMT
x-content-type-options: nosniff
age: 11529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Sep 2024 13:30:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3BB0 604 B
696 B 113ms
27ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
URL: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 329860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Sep 2024 21:04:39 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 664B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

43 B
840 B

27ms
27ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVHVRxxnrJhXqDgc17oM2CKvZfiuKJ79Kr6kGjlQawdTn82BN_KPUvQ-9TyKLrrh_zOx1uESxWtQOpjCRYXMEwvdFFuEg

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
an-x-request-uuid: 6ceb2ff4-943a-466c-8f7e-ef8caca953d8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.171; 45.12.222.171; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 664B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
an-x-request-uuid: b89d2d0a-7eea-4722-aae4-d783f4403bb2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D
x-proxy-origin: 45.12.222.171; 45.12.222.171; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 664B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1

43 B
61 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVHVRxxnrJhXqDgc17oM2CKvZfiuKJ79Kr6kGjlQawdTn82BN_KPUvQ-9TyKLrrh_zOx1uESxWtQOpjCRYXMEwvdFFuEg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
date: Sun, 10 Sep 2023 16:42:19 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 664B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame B109
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

43 B
840 B

26ms
26ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYzo6n3QEwAQ&v=APEucNVRGyCUc9VFTXB_qQCnIctHurEz3yMWpf0agytLcpuKQI4J97vKXB28vs2IObQujiqj70VOR1uwbPwMGUBsd21fVkCvcw

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
an-x-request-uuid: 116f3beb-e2e6-4ad2-856b-7850aeb78aa8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.171; 45.12.222.171; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAGHZ_ngHnD5m7W6YLpmv2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B109
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
an-x-request-uuid: 7719adc2-7b6f-4112-8bfc-0ef4015e73f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Nzk4OTA2NzY3NTkxOTE1Mg%3D%3D
x-proxy-origin: 45.12.222.171; 45.12.222.171; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B109
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1

43 B
61 B

35ms
34ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDKynYYzo6n3QEwAQ&v=APEucNVRGyCUc9VFTXB_qQCnIctHurEz3yMWpf0agytLcpuKQI4J97vKXB28vs2IObQujiqj70VOR1uwbPwMGUBsd21fVkCvcw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIHI6JMSbnPk_Wh4GQ5p-bU&google_cver=1
date: Sun, 10 Sep 2023 16:42:19 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B109
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZmYjI4NWMtMGQ2OS0yNzEwLWNiYTAtNzcyZTA2ZDBhMjM0
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AFD0 22 KB
8 KB 34ms
28ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 209752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D458 0
0 70ms
68ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CO7kS6vH9ZNCIH_Sn9u8Pp8SdmAvb2qXvcNeWs-K5Eez1m-KtPxABIJWbyiFg9ZXOgeAEoAGHv56dKcgBCakCotUxFlPJsj7gAgCoAwHIAwqqBNICT9CDwxBUl3U8fzDEoQsIBIYQ7jBmQ_ss0LcUd0EZcBBKnfZzYGgyoULoCZ1zneLjpnnm9yhEPFQ7Y_PpFhOXmkIz_pjABfMEFxSo9770F5RPGLuJ0vzrg8JfnhThmFEdPfjRETwvOHaNG50xXxOqkBH1q8uxr7w3IvcL3tjPRHpy0XjAnM1IdMLkqwB9Cjh4P4FQMfSETIHyzV8PGOWw0eV1fnOTRJAVCpmNjlBZsUcP-_yk4eFlVj8y4mcdujPaHZbbtRY_KU3Zqr2H04jEs-XMHGpHV6jq_P80lSQkm0thf2JpyGKyr8UJdABaftMY8QBaKl5td0zwSS1FLFCnUhqPljMy0IidTk5KGuygJJwOQ9r3JRzp0yJWSeTl7kpparoHiosolz1-E3c92iEkgMxAPGtKLsGQiVFRSeH-YGsYxM73oz7Sxzsx228w-MD5YdXABKidjZmtBOAEAYgFkaSug0uSBQQIBBgBkgUECAUYBKAGLoAHh_fu_AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDdnxjSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJQ2h0dHBzOi8vaWJhdy5jaC9iaWxkdW5nc2FuZ2Vib3RlL2luZm9ybWF0aWsvc3lzdGVtLW5ldHp3ZXJrdGVjaG5pay-ACgPICwHaDBEKCxCA9JWO5t3Om9YBEgIBA9gTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=IYhkNwypltU&uach_m=[]&ase=2&cid=CAQSSwBpAlJWk77x0IfB6V8uS7q-FokyABTppClL74Jcradv7Q4prOYCbQiFa386lcqD5BXzZYmCn9fZqAc3atkQFdo4DTSieoi3RCFqqRgB&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7094 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe14ef22a79018581243fb7d5e3a5a1c3b56cfc88717648efb1064a598cce7cc

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE89 0
20 B 125ms
124ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8835195119286&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE89 0
20 B 123ms
122ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8835195119286&version=m202307240101&ct=76&x=1&cor=15994746715406537000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CE89 99 KB
38 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALWhLsQFLrsN-7No9TEzAk_pQoBgosv8RH9FJgJbWnu_z8b4V3EHQqMnwCtkWV0ZTD66IIbhFEOnaCuXBarItWBI8XfjQc-BBXm2ZPRkRuDT5kXng&cry=1&dbm_d=AKAmf-CFUNy1LnZk1uxPJWQDYpjfCircNOfYMmj76eEcNNejiDlZesbPjOp9nPW3Dal7hEAJu81IZoLLzv4GbbtWScwXd_tXgsXdgaUz-ENZ5hklacTWVjOIrRAM6yPXltynjvtCY-7bfiURls26LuS4CaHW1ouqQcOsBUPcz1oko0UVIquYoCae0YFmSorqddcgoEGXCVDDGHLvkmGJN7mKzKevVh7N6iVJErFnAYvAO-3KlK67h7NHQTbSuskpcShLy-bFlQHDqr0BAhV3-1LwDWF7ElpOEvMFF7LTK_dDnhxwXW5pjIO3xDhB7_x23O6_Tg6B-Yjx4MJRE9Q5i-Vi6Rj_IvLvmpj1WcTvhq3stn-a7U7dRBRXk0V7HNq-Xn1DCJpGV-yWK7X9jms5Hfl1DfrdJAzVOLQD8fcg01zFYkz1p8JpNxzbI0j2YrIhYjVHzB96qHOWq5X4caAbOPLAwScZZJo7dfnBI_6f6okqO_4TkiYx8h6yp5awxQExhHY4Hu02Dfac43yP_Hv2-5sAoZizSP899wfhdNirfCALo0I9gYFYLzjYJ3x_m7RrCHC6KmfDoNf_6JbYHA6hnZV1EBxvIgtxJSatIdhwDdod9-O1lcvScCz2qacKgJRnI1MkWbFPuGiWNp8KD5yskk4FocZND76xye3FBD8ylO8Cs1yPCSUPfD8-c4qHSqNzsyLFGsxvVf36nLAYUVRCZDe6pXZWbQvVNAezClgUTPJoc4Hg2tFVROw0Byw4NgiCDu7x4pTebkkGfXIDDsScgg4kEoi1F2o3sNR7ykgvp2aWGurmoHqjSNDnBbQrBrCzbH95is6lTWAjz1MoTmBO0CSXhRWlBMH-ZndyhlazIAACy7qIqGv0PyFqi55pT2qVZ9dJQ7s2wciqH_u9svrwlbFU1sFYE2OWuIx_VAFPhzoYHcxlckoWvEDpOGPwtTMQ0IVx1R6UhP8MX5Nc_GfJenm8mnldUwhLCkpQQEk0V08OPqDe0AcGK7U1yryo1vFjbUtoaAjABJKvro2K5BoUbMSiw7Y2A9K7VZE4SB6n3mgjK0auNOIcT1XiV7On_O4ZaN3NRylHchlVTBsKgLrUf1vf2VXtx2R1oBNzl0hf5bq9to5OxxiIyOWiKwCJGGztkjRNH5FYDh2kWDOoR9YYrqq57mS5jFBRHsE2Ak71JUgmTmj0H3piHxXgxbO-YidZkeehzmIU7Kjd8va_ADos3d2l4xUtlBV8zrTyasJLWF6stoslAZNGfUYgsC_g9bjcPCHmSiYDpbxgSNGbE5rR8NIjBbgUTeuy9Y_S9Rc0FDuk4WyBZxvpAczvJ66JQwPUSP74IMC_XY1P6kCckP9NJvMB11m7PZb4hwtL7K-mQf_Ix3agQVEQjbnq1bG6nuYlIr7a4sbzd0BSROjgVjsnNHQJ0zWlId_hsZ4FC-DlItlqck9rvllPOz7u63ua3oOmO-fXlfHDbgxVETeBHyZBThOQy8SHeSIWPWqFkp6eWeZTnQ102ydJR38PnWdwKPKf7UC6pTd-pAip52k8KQ5nf8PbliOr9lBe1iUvWhwjNk1Zk6salSpEJ6yCXXrgb2w6QVI_iUem73E18rn4zqaYLtG-Kx0SOqbhH9mGcaD38r3yOppX0VqOEedxOjbwO6vip6zoqp1BpqYnIUWPo9UQUd9blGyLSmU64PJVpstwXksr9WyGPjCbveqkZdrVOJssnopq5ctEhmouss3vvLm2hOW6TNEMXuosVZBzmd8l6bBjEOHi4URhMCC3UsdB4jT_fTq6s_38lprIhP2vvBPZfczHqVVmALHXzT5loHH4rDGAJtump0WBACBz6-hhbzcc5WoR2jySqkQnNIaLNptOR8O15OdbyPS93aXjZ-l8zkUrbDiDfc8X-WOPW-4FS6bSd9ctQApiFkSBEb76vRCbxCFoYrP9ZyctBtv4-DSw9DVr6jKxM6I45wwdq6WG_ofjM_uth5uraZ_nSsgEP2MLience0aNjcLmqCQ2eAyP3O7TeyXKRJqBtobmOD4kx7SToFnQFrGN2Kf-1Pi3uM7x_hgkWOigGkBe-NxCOycsC3HeRyZ5nwPgBvEST8rrDqLx7eDHoBlKUHHg8bskZQnebgpSXWSeNyJ55lbpf2ivtWNxybHCPImP3QlnP6d5M7bSuUbmejULDCv1oelw5vdsPruDD6qnMsig55GgNKOxhGn3UEcz6At3c6j2e0gdvdEQJF9gacw6GynOD54yaIDH_gnVW51hLs6q3fIhwsJ8NfxuQVQSLPCkmGPYOZtuBZKopybqakO5UU3z0U6XbnxY03itqkUyb7Gdx5br2O3gyeJVGHlT2CmYGb7LzL07m6VffPNJs6ZhcOMnXKJ_faQsR9WTLEfAOm01U7PIDE14NFa4nDJw1mffTY42wQk2hhnFS4MaYRamUp4e5Q-94AFWe-iXiZ2yWrehYIek06zRrLK5V_Ve54v844eqTkDoRWrAm4Yo9qaGZLeA8LOBRsahschtCRiv99cMNfLVwYZaDJ3Td0P9xdeBC0kYG1nT4n1iBq5lrwaLOsrKWk4A4LswDvDzzZSz1moaUwGjMhZRlqpSu8ktPDo-mCHVdQvdXxhaTGqABjEnWO7V2l8SE-YSxWBuYGr9t4BaURti5Ds85x4JbSjULVNvpMHfv-saeLUwOhWEIQW0gTy4RK6Q02TYo8Ya_jWdiM7qeY4PCXKygOc4CC7RJjl6hLvBWwBCjfFN5xdBmdSk0wyXzyGr_ZDlcd3F6kM7dOGtxQx0HDpBh0vtDB72epppELpNEcij7BaYzKRWAb_8uljbj2TUqrfH_s6fQgdscsKs1uD9CvqGW4nqXeMPMXL8IgOfhnvygU77dVxkEKXriRGaDLLc8gBa6IndLh-mM1wbzJe4AaLk_1nVAo83RQq1-5xS7FIf28xRIqLI9yoZje8f3A43-WMfjOUde7PoR_dckT2Egg8D8-oaMID8fqZCCY3uu8nGofCwBX14pMQ2MVk7Ft18uLWtGr-3y2KfVhqALNfHSeLe_-WJudtWmiLLi81UU2Ye1XnbBv17bijRtj8fMf5duWmQk8EEJdZnc76n8l9OetTwKzzAvWN6lj2INEznQBevPD7L1fV1bmgnlcIEDgPV72UoU_IBDx36sxy5Kq7hl06hFk0eEwf1oMinLRJ2SJJnplWGlYe_oHCb256vDZy7AyJvYO5mIYhx-NEH2SLcRa548N0CMez_XBeF6IzxRHM9ZgTXtWfGjsraglgXoHeEObPun33OOC1r9MXJ4H84XQnBQrZY2Oyzlm3Vpt8QL1kAbWYDNjtmQCPlPKGSuerl_QFO3LInOgGNy3UGYcRNkxO-CYhVanGeLfi8ZRpdvigEJXJtOSkc9DQacKkydnzpvcDILtFDLqub8tA1eIZ-vGkNgh7jzA363nh939JF7uw5lYce4N2e-GNG69NriXgsCe18drulgJmqAeNI9_4cBh1h4rA-X3ng8ZEyiiJyFj0LojLB3nCYLUJGWgYT1FjxT92O2vMpD-TWe-mFou1Zdmvj5ZOdyQ6lkgDfw78znZ7juYFV8whYsc48Rv7IHKRAC7PQqvzMLx_84q6sfw&cid=CAQSSwBpAlJWShs0pHHpYbJKav9Y099ZbaT2uoXwB81IQAcIYuMyBz8IbH9EeoYVWBmQlw903ZYiWf5eF0WiKHXRKiMN18a7EB-0_gqv7BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=15994746715406537000&adk=2857193498&idt=111&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e97894c283fe8bab75b45ae7330d499e07ad41edbc7bec6cc50b4a78c4f79a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38573
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 33C0 63 KB
25 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 33C0 118 KB
40 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 04:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/2702496870353076224/ Frame 33C0 3 KB
955 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2702496870353076224/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ff2fe2ecee03ec36350fc7b4ac00d5008768da42bceb1f475445b246aff1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 07:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 05:56:17 GMT

GET
H3 400 css2
fonts.googleapis.com/ Frame 33C0 0
0 33ms
32ms Stylesheet
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800;800&display=swap
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/2702496870353076224/ Frame 33C0 14 KB
3 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2702496870353076224/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80886b973cf1c682904eacff70c6c7c353a9d434e5f375dd152b292ddcfb20dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3074
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 07:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 07:48:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E784 0
20 B 122ms
122ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4870407661052&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E784 0
20 B 124ms
124ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4870407661052&version=m202307240101&ct=76&x=1&cor=2071278019984008400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E784 96 KB
38 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATKGwBk3TqPSrnYW5E1Uqr6hPNrfqZnwwTqw9HkVENhbIzvGKAjRtUN5H1u5VfxWLqUgyQ1VBa3QWs3foN-iyVT4z2CISc35bkH3ojg-iSiJGnbAQ&cry=1&dbm_d=AKAmf-CMOk5Qy-0WhzckRdCV3i7NLjTj32xKcOrhYbmbZjJHZhyYkCAUO0tjGEwiUets6y0BVmBHWnuG6d1NxEby20bv-lDAmhRN_Ca7KujmIVCHw0_xTiZTMM_57xiMyH_cdla_SCm52szrzaKpNve7hEuQPkAhRKY8rSNjKSGXLAFhBVZb-zVxxCCbGT0iSKHnvZSVIhsY1DRKW4RCwzGMVaAcY0EyMYR7216XGRzdZA02yAnp30uwl2rHpRPLq-FRr_GrhmzKdB-1EeX0l3t1XjhM6-KxLt1rtd47zSFEQOPcmUri8z_OIl21KnbDxpASlBTeS4xMjp4mM-inB9Tl-nCs8Eus5zG-ZZs1hgzCGOSC725S_SYb53sRvKRaFqshpI7b7ew-BjeOd8UqEuRIDWTTlR9UyScTwd357IKDvH2ucEzLX5Ja4bHd2Er4OUMbC7A2TyY3tIdpNwBhuYB26Pop9K6KSYfXVWXjZS77XYZxRnCTtX2gPd1r7smF6gI2RcUYCh43wYqMSmYO1akEkdxcuJ55mhW1J0ja9wUPqjRflxYFl-H_-pPfNrDGJm1l_ZVNpxSsnAYz-_gLmmv2UO_SpCUywtf0aC0crcYNSLc_P5Ua-gIscfNBrwJzqUhi6Pgwy4Kd-N9VYavhDAnSotWHvgteefqjNF5fkueqXmY7fD6lgo2O37Krbw_JP-x8-npoUewas0G7Ly-MeniWzAMD-R1lEecqPZSE4MFcP9xbAtQ0HDyOBu3BrsMv8j1hS0--pfIdAR39rPgNO-bBlaK32TbrmWliUPjgDWAzusLVA056HQ0hg-BfmCbhN04xtfNfPi2wZiqIxN0a2RIW1EqnkFxrEq5hKvo_I33ZZhlwtRwo0f_L2JPanFC1q7is3aS1w8Xc6CvGBHtBt5CcuaSt6H6ev-9HYXyHcyCBkC_zINvKbgn18nm4E20qchzXhUBOg3_ugxDFgQivjTTv9sRGAiPqhhLyOzbdOytxIjoa_S9xVdyHD4daj0KcVrL1od00TjxwxdIQfCH4veva5ciawnZKwVwmNv_6DDY6n2JjmlNU04V4auvxcdC7-pthZA9slaH2_dRFFEux2sGSDBB93ROzIwJ3AVdzDMOGDEvSPdvghk6A-S5fu6gRaKcJpAa280ta_fQEL2lgZu84byTFY7ZbcXlqabVUzCVn092YCiDdIppG344VeuM7HhfgLhAUHKEtmaBm2LEI8Q9Hexh_nKIEvgsVJBw-onMjcDA1gG1NbwbIEPTzphOungu7poEGFCluMlerkknMTldTjILqnse-q0txPS-i0uE7gNLQdi8sz-1c1hQCe9GEB-fF8QfVcf7F8nXLA4GfUu_fwwTD-zXDq_ot4D78EP__gT7V9bx5mxXpd42-mStCz05vnhWFgFP2i5kiy-UyMLiUmCT2QwCO-U-qaew-5WrOulBK93-PBJ7VCQTCIs8_x9Q1YFYkj4pyjpA0HScY0dh6l8Su-AT4mR0Oed8ZP2NTq5TxAE7WyC5T4yrIj0kAj-uX6rKznX1_65tfSlITEX0JPpLPuAidif99JgIY6f96naekKYWTfNmLjyAHXsuf3qxX4CwqRVb-dDtI7hekxUE5jCKU4u7wVg5w7VwxorBcKvm2VjuNl9UX9x4fZlCuYANTkeo4sr5GHgqvXOiyTvNb4Z27Yoho74BBdODWjug2C9RkfBzfMKe_spGBU7HIxVRe1_CWrnsUF8ZAE4DRQ5CdDtHNpMoUdrRYNj0ZCmI9agGolhp9-4vfeH_KhRupj6WTF2ig69mioQCreUyxzPOtZF73F8ojtJ1-aXcrxnOreQJmZnLrIZ0xBr5-K_6FriPM0iIpqIQniwmSz6FXXeIDK6pKTe4cycQJxkFmPmizRFFn2_qirgc2eOgM6B-g7UFB6ofjcIPYl9_JHCStuyiR9_J0E6KOWmxn5JpsmzhKpiDDaO6K0iCbUiBI8gN8RgNwLpaozJcGL-veizBK05xd6XuxklKs5VEtVQck5ZwauMcR6VC2sTRyyQTeTr9_3MYXR8wPAYMQDHhm4ZIg20mLJpBCM8D9mmWQkMi7JCBw7VtCpD88OdMOEad8PdQ2zQHR2cA4qmqE_C6Z8ASZsmKzUs0O08EL5QO7rmuV4g_mp4sP-amYm70eyp8FCWRca6-sZRtia6k4hdQrsQxpfzV5uqIQk9EeH2q9mxgy35hOAbxorKdW4-xFVP8cj7e3-W_PmvAFoJSiqsRKXvxYbymxeR2yIYpu4rV3hSZOjPaJi402vAIoAfpenG32oGt5ya7zBc7dy048kGUh_6Im2ihRbbyRaZV6eDB5IVWzwnkv1SPPFuRC9MduXWIzG5D5x-1hwkQwqug648XRq7N7MqvsDoMQJTuBXUcPOds9YxqQGLxT9p8pX0d4SzFpG5DGVKtDNzWkmuB_4pnxStr2g33_I9pAQjQPcOoot98eheCKquAJC68fGwQ2hKoVRmLonSHuHZm3F4p7rrZhra4wUwDDoqRkPUADYG_Lo8e0viPj6E9l3m2RaVN6_GEQ9BPhjIm1PpZTC1Mm2ek6hejV-A8l0jWCzApXZOvSU55iFhXQzztuUdwJijZBvx87IFxvplLOwVyyFneNMvstANOR7SYN48aV9uQIEkg2YGgYOX6SBCrJiDMH9GMXtTaH6quaxj0Z_JNmAl0kzcRAwyjyl3cHHtzbX1o5Fhly-8I83x83wFhiN4YMikZxlauBXhP48n9Ip5gq1QUzFfTnG6_UFYXp5Ck5bqKy4RSDnqT3m-nhsu7oqgA9Ysa1E5Ye-gJlb0Th1ZRWjpHdNHUBkhCvlELZyjU9Uo3cytET6ePR2oCFN9P8gYo_OfaOG8H24JGxoVOjUT84i1qsingi87JgSJsLlejKJhv1w_zNpGdADR81EoIWy7YdKkK2s1qwGft9pmpgijv2JaaAEI1OYNs6amIZnzeoeHVFbL8u9TO4tdhCD6DPChC3QrU4Qx2kThkn_a-TlfCHKkwuPat9cQauN2JcPWt_Hx9rQOPadvMIfUD-3hhxBhPCnCfIVJ4-_Lm3hLbLB4aEPFedj85hiVhnFBw11UJpEQe0LQQnLDgpCXZqObM3Ep6jL36s5InR8Tkkdm9Dj_md85tY60u4_4cfMW0dsHJNgxght215Gq56MeLqedPWqAKr3x_7nz09Q7xCCifSRAKHcw0IaE1uwCOI8F91fiTbL3vE-vpPh6CPyOGqiiL2h3JqtQyagc4nmmifxjDagv-IoZU44FXG0a9SR7FvY3f_m5Mh_JLMH54nbyZU9WdsWtRaNcf3cAd9Yf1-YZ1YkMZYTu-myNmbp-Z6zAyDtMGibySECrc0JNhrfCzTftaD5cd7FjpG0jDysMkWTAbjs6T2_ZwekW7U7cFSSahLlsv26f9eHdDGg6hpkGT9jUm5nMy0O3DUox4-Osio7B81EkSZGxQ-4vpAddsItvQmPB_PqUr5uQFpIdmQcLwXBT2u5yB1aPMj_eI9_AggxXh0qtGBTP0q&cid=CAQSTABpAlJWgvWHNClTGNLt508db03KJOKIhngWD0BQQlxr9rob2gHcSYfjZSpyBJXZFCx0MCI_oS3MxqJkM6WuhhXQhP7SZsneUi0EH3kYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2071278019984008400&adk=2086295851&idt=105&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

278cc9a8e1fba4e39a5e88c6803a1b103563502655218c36c49f17c538ec207a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38567
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 9881 16 KB
2 KB 30ms
29ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2257
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:19 GMT
expires: Mon, 09 Sep 2024 16:42:19 GMT
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55FB 0
0 77ms
76ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyyjxWURhXF_VpaepYI_VOwIt6_6tEInWH-i-uVLDnc3JU0M3HrC6ixKWS9JoDIF3q4dIalepUEYERFM6O0X9w7ZaTaa5vzn8_6E1j1WyeixOFHuQy7lJRuLL8kpFOW5o24TdScqONG_Z5oWsBRCi5ZHcH6MxTbD1yT1EUoe2yWOtPhLmK0KB6UQNTcFEEiHMzRpjFlkWq9K83jJ1W0bDcOyWIOW9dMnfyciZpZ6AVXZs9ZcHMdUEH6fXzwImLoXFCGCKmotPZiUpgWMoL2-mKhH0oQWTLP3zX3fV5H0a5AnO4SbAZWLdv21aFPtgatI8gkpRm6DNi7sJ274wCKXivzQmBHU8bEspb0hBvz4tIiUO7BARxLm0YI26_u0A4TysOZO1WPQ4fZ_GgFP1hGKuQlCsDHJokmLxW-bBHg8QRdffzy2AVfgTmdJdxZZe4ZLG4L-tqwLUGQHkUuWCZdqpA-7TZbRQBa-3FW-aUyTKJVQ7E87vI9VZcLjrvEz-VObf_EaOXrTZqcA9BwIzQ_FmBA5KIfN9H45mfa95PdIRm-0vprD0rOukgR2QEWyt63YYOqmagmsZW78b28GPyeGypOkunLJcOuyud6E2FwaQDpkED4ErxLzhp2j67pYcPHONELHiX1ULCnTDCYDZYf4lZHbjLjEeg4DqsirwWwsngqBaonixMHYqOT2fkHWQe2ZQcPjewtinGJfVUqGkZqCgiq7Qh2cw8AWqvLF5NZ4-oa8ZxybGP5RQiVAcKmn2oYau7Zw6oWP4U4lRvFf-N5aIqG6CbTUKnLAnUQ4LnBTimb26I3ScW0EoXkpYm5BjjXXVUVyto6c_Oz-0ECjaAv48KDIGyXesMTDFRtyj9tAra61yiiPrDs7tHeiAc2HyW7WTx4aPL8tgqjcDUZ-23NK08CR7Aqe4gPmnonp-L6ndZeNX5c4bHvnOudrRYFgwRnx600SVEAEvJTDfQ7ttIwMJgETP58tulKy2et2jqJ1ckFeZsWQtDaNr59tye-i0czz9fNNqHOljDW11n7tvGMs0VbfpjaVtIokGEc74jwVgjencShRR4d4UE47iWBZlxydhCgtvSgNpoQDqkAnRjFSjg5koMhl2LtprHHSgyH0f8C6kSyGvTR1xBaQJDlHcgft6QeOrngVKnKvkXkPOKH7tJ65TkrtN-jRSgI0_COYNPHrQjd4ABBkDicYMRHykI6Lx9cO-IDXWQrNceQEHB1stJiJQpHI8AtMRlxw_MUYqDRN6MhbS9QPG5VCiqP1FSCuaj8NlrkGGOUCRSi3Eb6qqS_1a7FCjdhHyKvzjdtBmO&sai=AMfl-YRs5UFRtQ7O1FFUz_-dTc1IiZ6mGQsIy-5t0gBVUgwV9KaNtTowVExl-aI-MZ_AfZ31nN4PLRQoOIunRA2jSBpZrSdx2vZVYDbS4EdyzA9L9ZJPOWLURG2JE8femDvizSFvze3WlyN0fubpAqHyV5F9HjgHfvYGkQ3XmT6syvb4aPqGzXZHj3phL7FIejPGMgyBPqFbMwC56Wlz5ObNdskWk5kSkO1Svthn0FMWc70PeNnWDDEvrOfMiydNtQ9rF5E6Cr8AAYVzlfS46BRU-Ba8evTj_yMVI4_N&sig=Cg0ArKJSzB9ayDcqz_2ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=344&cbvp=1&cstd=337&cisv=r20230906.35592&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F733 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 209752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9881 63 KB
25 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9881 120 KB
41 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 06:12:14 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 9881 7 KB
2 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58023857e618007c2eed153d50c90c290e31677b495ab330eb6480f729175557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2097
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 17:34:33 GMT

GET
H3 400 css2
fonts.googleapis.com/ Frame 9881 0
0 42ms
42ms Stylesheet
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame 9881 3 KB
3 KB 27ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4902406/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:17 GMT
x-content-type-options: nosniff
age: 363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2869
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:49:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:17 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 9881 22 KB
4 KB 27ms
27ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e46a8ec58514255aedae877395b5a33ecf0576eb368690b64802b1d4718627ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4157
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 07:59:00 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame AFD0 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CE89 172 KB
60 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Origin: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame CE89 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALWhLsQFLrsN-7No9TEzAk_pQoBgosv8RH9FJgJbWnu_z8b4V3EHQqMnwCtkWV0ZTD66IIbhFEOnaCuXBarItWBI8XfjQc-BBXm2ZPRkRuDT5kXng&cry=1&dbm_d=AKAmf-CFUNy1LnZk1uxPJWQDYpjfCircNOfYMmj76eEcNNejiDlZesbPjOp9nPW3Dal7hEAJu81IZoLLzv4GbbtWScwXd_tXgsXdgaUz-ENZ5hklacTWVjOIrRAM6yPXltynjvtCY-7bfiURls26LuS4CaHW1ouqQcOsBUPcz1oko0UVIquYoCae0YFmSorqddcgoEGXCVDDGHLvkmGJN7mKzKevVh7N6iVJErFnAYvAO-3KlK67h7NHQTbSuskpcShLy-bFlQHDqr0BAhV3-1LwDWF7ElpOEvMFF7LTK_dDnhxwXW5pjIO3xDhB7_x23O6_Tg6B-Yjx4MJRE9Q5i-Vi6Rj_IvLvmpj1WcTvhq3stn-a7U7dRBRXk0V7HNq-Xn1DCJpGV-yWK7X9jms5Hfl1DfrdJAzVOLQD8fcg01zFYkz1p8JpNxzbI0j2YrIhYjVHzB96qHOWq5X4caAbOPLAwScZZJo7dfnBI_6f6okqO_4TkiYx8h6yp5awxQExhHY4Hu02Dfac43yP_Hv2-5sAoZizSP899wfhdNirfCALo0I9gYFYLzjYJ3x_m7RrCHC6KmfDoNf_6JbYHA6hnZV1EBxvIgtxJSatIdhwDdod9-O1lcvScCz2qacKgJRnI1MkWbFPuGiWNp8KD5yskk4FocZND76xye3FBD8ylO8Cs1yPCSUPfD8-c4qHSqNzsyLFGsxvVf36nLAYUVRCZDe6pXZWbQvVNAezClgUTPJoc4Hg2tFVROw0Byw4NgiCDu7x4pTebkkGfXIDDsScgg4kEoi1F2o3sNR7ykgvp2aWGurmoHqjSNDnBbQrBrCzbH95is6lTWAjz1MoTmBO0CSXhRWlBMH-ZndyhlazIAACy7qIqGv0PyFqi55pT2qVZ9dJQ7s2wciqH_u9svrwlbFU1sFYE2OWuIx_VAFPhzoYHcxlckoWvEDpOGPwtTMQ0IVx1R6UhP8MX5Nc_GfJenm8mnldUwhLCkpQQEk0V08OPqDe0AcGK7U1yryo1vFjbUtoaAjABJKvro2K5BoUbMSiw7Y2A9K7VZE4SB6n3mgjK0auNOIcT1XiV7On_O4ZaN3NRylHchlVTBsKgLrUf1vf2VXtx2R1oBNzl0hf5bq9to5OxxiIyOWiKwCJGGztkjRNH5FYDh2kWDOoR9YYrqq57mS5jFBRHsE2Ak71JUgmTmj0H3piHxXgxbO-YidZkeehzmIU7Kjd8va_ADos3d2l4xUtlBV8zrTyasJLWF6stoslAZNGfUYgsC_g9bjcPCHmSiYDpbxgSNGbE5rR8NIjBbgUTeuy9Y_S9Rc0FDuk4WyBZxvpAczvJ66JQwPUSP74IMC_XY1P6kCckP9NJvMB11m7PZb4hwtL7K-mQf_Ix3agQVEQjbnq1bG6nuYlIr7a4sbzd0BSROjgVjsnNHQJ0zWlId_hsZ4FC-DlItlqck9rvllPOz7u63ua3oOmO-fXlfHDbgxVETeBHyZBThOQy8SHeSIWPWqFkp6eWeZTnQ102ydJR38PnWdwKPKf7UC6pTd-pAip52k8KQ5nf8PbliOr9lBe1iUvWhwjNk1Zk6salSpEJ6yCXXrgb2w6QVI_iUem73E18rn4zqaYLtG-Kx0SOqbhH9mGcaD38r3yOppX0VqOEedxOjbwO6vip6zoqp1BpqYnIUWPo9UQUd9blGyLSmU64PJVpstwXksr9WyGPjCbveqkZdrVOJssnopq5ctEhmouss3vvLm2hOW6TNEMXuosVZBzmd8l6bBjEOHi4URhMCC3UsdB4jT_fTq6s_38lprIhP2vvBPZfczHqVVmALHXzT5loHH4rDGAJtump0WBACBz6-hhbzcc5WoR2jySqkQnNIaLNptOR8O15OdbyPS93aXjZ-l8zkUrbDiDfc8X-WOPW-4FS6bSd9ctQApiFkSBEb76vRCbxCFoYrP9ZyctBtv4-DSw9DVr6jKxM6I45wwdq6WG_ofjM_uth5uraZ_nSsgEP2MLience0aNjcLmqCQ2eAyP3O7TeyXKRJqBtobmOD4kx7SToFnQFrGN2Kf-1Pi3uM7x_hgkWOigGkBe-NxCOycsC3HeRyZ5nwPgBvEST8rrDqLx7eDHoBlKUHHg8bskZQnebgpSXWSeNyJ55lbpf2ivtWNxybHCPImP3QlnP6d5M7bSuUbmejULDCv1oelw5vdsPruDD6qnMsig55GgNKOxhGn3UEcz6At3c6j2e0gdvdEQJF9gacw6GynOD54yaIDH_gnVW51hLs6q3fIhwsJ8NfxuQVQSLPCkmGPYOZtuBZKopybqakO5UU3z0U6XbnxY03itqkUyb7Gdx5br2O3gyeJVGHlT2CmYGb7LzL07m6VffPNJs6ZhcOMnXKJ_faQsR9WTLEfAOm01U7PIDE14NFa4nDJw1mffTY42wQk2hhnFS4MaYRamUp4e5Q-94AFWe-iXiZ2yWrehYIek06zRrLK5V_Ve54v844eqTkDoRWrAm4Yo9qaGZLeA8LOBRsahschtCRiv99cMNfLVwYZaDJ3Td0P9xdeBC0kYG1nT4n1iBq5lrwaLOsrKWk4A4LswDvDzzZSz1moaUwGjMhZRlqpSu8ktPDo-mCHVdQvdXxhaTGqABjEnWO7V2l8SE-YSxWBuYGr9t4BaURti5Ds85x4JbSjULVNvpMHfv-saeLUwOhWEIQW0gTy4RK6Q02TYo8Ya_jWdiM7qeY4PCXKygOc4CC7RJjl6hLvBWwBCjfFN5xdBmdSk0wyXzyGr_ZDlcd3F6kM7dOGtxQx0HDpBh0vtDB72epppELpNEcij7BaYzKRWAb_8uljbj2TUqrfH_s6fQgdscsKs1uD9CvqGW4nqXeMPMXL8IgOfhnvygU77dVxkEKXriRGaDLLc8gBa6IndLh-mM1wbzJe4AaLk_1nVAo83RQq1-5xS7FIf28xRIqLI9yoZje8f3A43-WMfjOUde7PoR_dckT2Egg8D8-oaMID8fqZCCY3uu8nGofCwBX14pMQ2MVk7Ft18uLWtGr-3y2KfVhqALNfHSeLe_-WJudtWmiLLi81UU2Ye1XnbBv17bijRtj8fMf5duWmQk8EEJdZnc76n8l9OetTwKzzAvWN6lj2INEznQBevPD7L1fV1bmgnlcIEDgPV72UoU_IBDx36sxy5Kq7hl06hFk0eEwf1oMinLRJ2SJJnplWGlYe_oHCb256vDZy7AyJvYO5mIYhx-NEH2SLcRa548N0CMez_XBeF6IzxRHM9ZgTXtWfGjsraglgXoHeEObPun33OOC1r9MXJ4H84XQnBQrZY2Oyzlm3Vpt8QL1kAbWYDNjtmQCPlPKGSuerl_QFO3LInOgGNy3UGYcRNkxO-CYhVanGeLfi8ZRpdvigEJXJtOSkc9DQacKkydnzpvcDILtFDLqub8tA1eIZ-vGkNgh7jzA363nh939JF7uw5lYce4N2e-GNG69NriXgsCe18drulgJmqAeNI9_4cBh1h4rA-X3ng8ZEyiiJyFj0LojLB3nCYLUJGWgYT1FjxT92O2vMpD-TWe-mFou1Zdmvj5ZOdyQ6lkgDfw78znZ7juYFV8whYsc48Rv7IHKRAC7PQqvzMLx_84q6sfw&cid=CAQSSwBpAlJWShs0pHHpYbJKav9Y099ZbaT2uoXwB81IQAcIYuMyBz8IbH9EeoYVWBmQlw903ZYiWf5eF0WiKHXRKiMN18a7EB-0_gqv7BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=15994746715406537000&adk=2857193498&idt=111&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame CE89 30 KB
11 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CE89 41 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E784 172 KB
60 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Origin: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame E784 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATKGwBk3TqPSrnYW5E1Uqr6hPNrfqZnwwTqw9HkVENhbIzvGKAjRtUN5H1u5VfxWLqUgyQ1VBa3QWs3foN-iyVT4z2CISc35bkH3ojg-iSiJGnbAQ&cry=1&dbm_d=AKAmf-CMOk5Qy-0WhzckRdCV3i7NLjTj32xKcOrhYbmbZjJHZhyYkCAUO0tjGEwiUets6y0BVmBHWnuG6d1NxEby20bv-lDAmhRN_Ca7KujmIVCHw0_xTiZTMM_57xiMyH_cdla_SCm52szrzaKpNve7hEuQPkAhRKY8rSNjKSGXLAFhBVZb-zVxxCCbGT0iSKHnvZSVIhsY1DRKW4RCwzGMVaAcY0EyMYR7216XGRzdZA02yAnp30uwl2rHpRPLq-FRr_GrhmzKdB-1EeX0l3t1XjhM6-KxLt1rtd47zSFEQOPcmUri8z_OIl21KnbDxpASlBTeS4xMjp4mM-inB9Tl-nCs8Eus5zG-ZZs1hgzCGOSC725S_SYb53sRvKRaFqshpI7b7ew-BjeOd8UqEuRIDWTTlR9UyScTwd357IKDvH2ucEzLX5Ja4bHd2Er4OUMbC7A2TyY3tIdpNwBhuYB26Pop9K6KSYfXVWXjZS77XYZxRnCTtX2gPd1r7smF6gI2RcUYCh43wYqMSmYO1akEkdxcuJ55mhW1J0ja9wUPqjRflxYFl-H_-pPfNrDGJm1l_ZVNpxSsnAYz-_gLmmv2UO_SpCUywtf0aC0crcYNSLc_P5Ua-gIscfNBrwJzqUhi6Pgwy4Kd-N9VYavhDAnSotWHvgteefqjNF5fkueqXmY7fD6lgo2O37Krbw_JP-x8-npoUewas0G7Ly-MeniWzAMD-R1lEecqPZSE4MFcP9xbAtQ0HDyOBu3BrsMv8j1hS0--pfIdAR39rPgNO-bBlaK32TbrmWliUPjgDWAzusLVA056HQ0hg-BfmCbhN04xtfNfPi2wZiqIxN0a2RIW1EqnkFxrEq5hKvo_I33ZZhlwtRwo0f_L2JPanFC1q7is3aS1w8Xc6CvGBHtBt5CcuaSt6H6ev-9HYXyHcyCBkC_zINvKbgn18nm4E20qchzXhUBOg3_ugxDFgQivjTTv9sRGAiPqhhLyOzbdOytxIjoa_S9xVdyHD4daj0KcVrL1od00TjxwxdIQfCH4veva5ciawnZKwVwmNv_6DDY6n2JjmlNU04V4auvxcdC7-pthZA9slaH2_dRFFEux2sGSDBB93ROzIwJ3AVdzDMOGDEvSPdvghk6A-S5fu6gRaKcJpAa280ta_fQEL2lgZu84byTFY7ZbcXlqabVUzCVn092YCiDdIppG344VeuM7HhfgLhAUHKEtmaBm2LEI8Q9Hexh_nKIEvgsVJBw-onMjcDA1gG1NbwbIEPTzphOungu7poEGFCluMlerkknMTldTjILqnse-q0txPS-i0uE7gNLQdi8sz-1c1hQCe9GEB-fF8QfVcf7F8nXLA4GfUu_fwwTD-zXDq_ot4D78EP__gT7V9bx5mxXpd42-mStCz05vnhWFgFP2i5kiy-UyMLiUmCT2QwCO-U-qaew-5WrOulBK93-PBJ7VCQTCIs8_x9Q1YFYkj4pyjpA0HScY0dh6l8Su-AT4mR0Oed8ZP2NTq5TxAE7WyC5T4yrIj0kAj-uX6rKznX1_65tfSlITEX0JPpLPuAidif99JgIY6f96naekKYWTfNmLjyAHXsuf3qxX4CwqRVb-dDtI7hekxUE5jCKU4u7wVg5w7VwxorBcKvm2VjuNl9UX9x4fZlCuYANTkeo4sr5GHgqvXOiyTvNb4Z27Yoho74BBdODWjug2C9RkfBzfMKe_spGBU7HIxVRe1_CWrnsUF8ZAE4DRQ5CdDtHNpMoUdrRYNj0ZCmI9agGolhp9-4vfeH_KhRupj6WTF2ig69mioQCreUyxzPOtZF73F8ojtJ1-aXcrxnOreQJmZnLrIZ0xBr5-K_6FriPM0iIpqIQniwmSz6FXXeIDK6pKTe4cycQJxkFmPmizRFFn2_qirgc2eOgM6B-g7UFB6ofjcIPYl9_JHCStuyiR9_J0E6KOWmxn5JpsmzhKpiDDaO6K0iCbUiBI8gN8RgNwLpaozJcGL-veizBK05xd6XuxklKs5VEtVQck5ZwauMcR6VC2sTRyyQTeTr9_3MYXR8wPAYMQDHhm4ZIg20mLJpBCM8D9mmWQkMi7JCBw7VtCpD88OdMOEad8PdQ2zQHR2cA4qmqE_C6Z8ASZsmKzUs0O08EL5QO7rmuV4g_mp4sP-amYm70eyp8FCWRca6-sZRtia6k4hdQrsQxpfzV5uqIQk9EeH2q9mxgy35hOAbxorKdW4-xFVP8cj7e3-W_PmvAFoJSiqsRKXvxYbymxeR2yIYpu4rV3hSZOjPaJi402vAIoAfpenG32oGt5ya7zBc7dy048kGUh_6Im2ihRbbyRaZV6eDB5IVWzwnkv1SPPFuRC9MduXWIzG5D5x-1hwkQwqug648XRq7N7MqvsDoMQJTuBXUcPOds9YxqQGLxT9p8pX0d4SzFpG5DGVKtDNzWkmuB_4pnxStr2g33_I9pAQjQPcOoot98eheCKquAJC68fGwQ2hKoVRmLonSHuHZm3F4p7rrZhra4wUwDDoqRkPUADYG_Lo8e0viPj6E9l3m2RaVN6_GEQ9BPhjIm1PpZTC1Mm2ek6hejV-A8l0jWCzApXZOvSU55iFhXQzztuUdwJijZBvx87IFxvplLOwVyyFneNMvstANOR7SYN48aV9uQIEkg2YGgYOX6SBCrJiDMH9GMXtTaH6quaxj0Z_JNmAl0kzcRAwyjyl3cHHtzbX1o5Fhly-8I83x83wFhiN4YMikZxlauBXhP48n9Ip5gq1QUzFfTnG6_UFYXp5Ck5bqKy4RSDnqT3m-nhsu7oqgA9Ysa1E5Ye-gJlb0Th1ZRWjpHdNHUBkhCvlELZyjU9Uo3cytET6ePR2oCFN9P8gYo_OfaOG8H24JGxoVOjUT84i1qsingi87JgSJsLlejKJhv1w_zNpGdADR81EoIWy7YdKkK2s1qwGft9pmpgijv2JaaAEI1OYNs6amIZnzeoeHVFbL8u9TO4tdhCD6DPChC3QrU4Qx2kThkn_a-TlfCHKkwuPat9cQauN2JcPWt_Hx9rQOPadvMIfUD-3hhxBhPCnCfIVJ4-_Lm3hLbLB4aEPFedj85hiVhnFBw11UJpEQe0LQQnLDgpCXZqObM3Ep6jL36s5InR8Tkkdm9Dj_md85tY60u4_4cfMW0dsHJNgxght215Gq56MeLqedPWqAKr3x_7nz09Q7xCCifSRAKHcw0IaE1uwCOI8F91fiTbL3vE-vpPh6CPyOGqiiL2h3JqtQyagc4nmmifxjDagv-IoZU44FXG0a9SR7FvY3f_m5Mh_JLMH54nbyZU9WdsWtRaNcf3cAd9Yf1-YZ1YkMZYTu-myNmbp-Z6zAyDtMGibySECrc0JNhrfCzTftaD5cd7FjpG0jDysMkWTAbjs6T2_ZwekW7U7cFSSahLlsv26f9eHdDGg6hpkGT9jUm5nMy0O3DUox4-Osio7B81EkSZGxQ-4vpAddsItvQmPB_PqUr5uQFpIdmQcLwXBT2u5yB1aPMj_eI9_AggxXh0qtGBTP0q&cid=CAQSTABpAlJWgvWHNClTGNLt508db03KJOKIhngWD0BQQlxr9rob2gHcSYfjZSpyBJXZFCx0MCI_oS3MxqJkM6WuhhXQhP7SZsneUi0EH3kYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2071278019984008400&adk=2086295851&idt=105&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame E784 30 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 06:26:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E784 41 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
DATA 200
OK truncated
/ Frame CE89 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8856ce6d11d81f10ca4086ca674a8a6c971c7f9cdad962bb6aba38a69d19f535

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FCE 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7094 0
0 63ms
63ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVTT98KHg1cq8VXXlPkLSRQq9WQG3jX_jye8WHZ78-zjY89A_MmfqtrjxM7CRRMV1t9hOs6_dsBoACLjdtLmX5kOqvexwn8D-E9Mu7OWIWBy6xHNid5M3nM1auUNVI7QxWaIxRZaVWlQFcTylZqIBGuBJvnl6WZCWRWyW8lbUAxX09JiQgmkjoygZ4SenZhcsV3LDSJ7teAb_5OPoQ0heETDWBCNfYlcgjpKEqY9f70CFhdvuslSF-tRO_-H7aG8W8coNDm_0WH6a2IHHuxmCQTENc6Ha16889rlnfnyFOigTxk0rrClIPp4RNN7W_2uO13WTOBrVyEqRgHDhHensqhno2sysM0yyLRti_1otvFL_Ut9_2X1oJbOxcrkG--25_M_mDXX9jVE4Rl--4GrFangSAcBCX_E79RTvXgngVUOoK3OTF0AV6sLnl_w9W3zOGpcCBZfx3qOGuPw2qieQenhQQ8EoF0YRCwaG5D7RqdsCsdeurKvA70bhaj0SKZK5LnqioYUO6vb3QOsyQm8H3bo_I4B4MqcE3KRV8BHYhmYMkOqHChl-zHHJO5aqcqlWeqqxQGb4QtmpzHaN9LpgHkx3Riq72K41JCHzPtgn_3jE5FZaHmBISQXv8ivED3_820sasHM5acQx5mTRcfm4fJcppaPvUuYMPJabGP0SSO0akwfS-GX4c1_MpOzVJKtlOohJUz1LHZLRKRAer2O4rrbm1a2AHPt06T_g2XeJORSlgVjNQ87PqVEa8WLu1kT1Rzh91okT-R6cOJWPbiuIlKS3BWWwO5dsUt-gD5ecVf5GzE07apOw4-Cb7TxnWUu5stApl5AmZzMcZDD1Hf6xzCZ3-4Y3aTu0CI0o09VOZUqt14pXztsg7uvWS8DJlU9SFVyAb-VnezceTDMdkyFkX8k6pNm7q7htHwdCXZS1TQiS3s8bNvabKCIb5DKSaqgbfEoJ4q3nWrsZpxseoVVJzPy2YPLZ6w-VRFqoWJmPbg0VKFIlczBZTLd2eg9663xgmFCDXT-rsmVFs8A-B_KSPW0ADYgX6Ry2HayyClLj9bXgEZAo5uV-1NjZ4q1gtklW1S7TmmHGAOw1dKuUiMknn1Klxodm81J6h_Dajrx32UvdeiPGZRHuN3K37Xh_kiqGMw_rLzLrP2UQYd8yjYYDBKcrZa0Ki-L5ovB0qKBHAcPxh7Orlxv5KBt7j9W6PWmvdJ30E3vnJFJS3JHZXBF6c99rTuYa0Z3P_5xUAKdCdig6NYe-zv7SrixozoV3cj7fnR_iISUfPQlgWgK31ZNOq6GaSD60Yg4D7FSCKN9E-9Nk&sai=AMfl-YTcZMVt9bw5AIR-rybK_c2DVM57iVF-s6rJjiDirLnZgFK7OD8U9-VLfeM4JFX6e-gLsAuNi-x49s1J_CBtt1SngFxo-UgN-G-Tul69b__bJWgXbQ7kc13V0U6Xyz-MYI4p9oqO_Mv1XutGR9DoAFaaFZnt5f5V0tnWcqeNXNCh8Y7VGASmsdIabNoateyYxPc6nKqw5u18YFH6ZLIvUymp7-p_jkF8STp2f7F_HPCYq-XXNsN3hVfCXpRDFe6guvpFD6cAy0uGbvrAQEmayXs_JB-dYdbRAhndgQMTBIJLjg2ssXAKWg9E3whZKD6pJMGlGedEzE6-3EyyiCXAAG_D1eRx6fl5txFcZ9cJU-oXKK2QRxcHaRHU1dazqRrhaW7duqbMNmspN7vsLmIbHSALgTfIgdF9MVNKvs5S1owLOMAMIBBK4Cu88CNth9jZeNnh3JmDTpEbZWImZQnLlRdq5Pk7dfjfkg&sig=Cg0ArKJSzPd0ZjPHix5jEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=803&vt=11&dtpt=489&dett=3&cstd=303&cisv=r20230906.23768&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:42:19 GMT

GET
DATA 200
OK truncated
/ Frame E784 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16256e67ba0b5977fbe7b7006af63db48031b0e33607a383722fc5f818fe5ff3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame F733 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 09E5 16 KB
2 KB 41ms
33ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2257
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:20 GMT
expires: Mon, 09 Sep 2024 16:42:20 GMT
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE89 0
0 75ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnKdWQ5NSWETpGFD6xdd0FoK9ztXFbcwY3q5G9Z-fWSkhYc34Qgoawf7HkwEaOg4SCcBnKPqwU2KrWm4ydR-Y6Q8P6ZylI4mm7aRqoQFHBW97bSiYAtP5ZdqJzhfbZ2WWzhm2f5VtAazvSn6NoF0NcqhIZ49dZVATcr6vh4VQ-Sfw00ql981bvg9Ru3xfInwel7taMLF_oXbjr3GuaF3T6qtFrBn0dOwyc4vliq-ADkBuq7UGA0NSiAXQhMIdZ352Bj1FRmsEvZhxs4n2HcCj42HnXZY-Jlnq919ZP9ls6o09MW6aiuXcpJvf2eafZ2LQC0bLD09PPtzB5DyzxKAdaknNDsConPGez_-q_iER3a_VdPdLLILtV_QwSimq5vZnZID4iBi4QZEk1p2pEP16jfiQUwGhG-Jg4y6YrS8v4R3yrWwHBK52HFkB3Qtf_JU6sKDTO2A4aINpKFh0YFILIRScFvIcd49lT1M2Z2eLWWpQTYxQbGRJSVcIzNi5kfy54lh6hp6H41ycjFSZsuMdLGB_lvlUQbYNPe6KhkuNj9t4qwDBH-rgLgRB2TOPsDhFbP3oZHRTGWEkIQCe_DXA7Pm4VLNFiPWRarBg-9zbXR-f72hqxkE2cnjeKULHFx4RTPYTOYPsUge8Cedz81TnTMvVZQXI19hMVrHObPfKuMUkLsedTTqHK70O-O5aXhSTyy_kOVkXpEnTylbhme-wpdg00D3LKV0yiN5Xp_TFiyN2X6BDtbQOVZHOb-MsBy_elFixlPmUKvNXpiSDcN4nkMhu3NUjsOGzcmIU8T4O7rRhRwFX-Kpsm6tyagSvnlYlj8QH0FDoWGVlnRuZnC7KzgbFye7q3tkcz-tf5Nm4n1sGYV6TlYxATIUeC1-DAUw4rm96GpElqLT--1Oc77gLTA2iE2yITyZPDJzflv4Rw9-DZ_n1oEdIQiUwWUPMRhZOjl8SdsVznenbP7uWLhbX01dEguyb7PWq9fvXpXDKjowUnxpZ8Gcuj_8TTnmThzn4ZqCmBNpUpHXHLYwfevbsdlN47wYiGMW_IEGr-34jwV4I2CM01kPt3KlZMHT67fcvyNQDLEpOnUNrpmFg4VSJLXNmVDZOyRiFYVhSEpi0KIvZW3QlfTt4GB3thJ9LQJFsFUVwsTu0Sf4s_e5AD7zt46xKUAHwU4ypi7g08EXWOlbZHAmZNvv0VcxexqvoEPgOhwgBPHLRV1abH13u30Hy9-lYGDVPkxPvFisXMqFJxJNbyfbW5c2ANUxDMayBBgSukn61hASCszv_m_pylF_Tqa6RZrJVH3mh6XH2Lzypd&sai=AMfl-YTcTfCV9Ou1gGr8ws8uw_pvZlo5AWN1XMvwZbjF0T-_F767He0EIWlOfV8TSOkErKCRq2pIJJfp17yeHhwYDWHbWWQOKed2eUnHkibHILKmpwNygGDRdzOi0ZFwVpsL5rnarwVbrLjrjtQgNwj4YbZfi8NhLHVzKAMv-YZ69VVvGtK762oCdL87uCDl5z11t7P8bNbCRelMibvgaulJk2ZlgcSafQoXtrjrwXlg9LVnJiqPFx5WOmfNEuBM0Z-cqXIVeeJbWDDVnBwfN9Prn_8Yyq34YvdJ&sig=Cg0ArKJSzFEMMKCWHHT9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&cbvp=1&cstd=217&cisv=r20230906.19702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 33C0 7 KB
6 KB 68ms
67ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65669f38f77e639884db08b1e8af3d6bcb8f255ba5745f3f79084e59aa746d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5630
x-xss-protection: 0

GET
H3 200 60003574_20230119242343914_04_kw_dji_mini_3_pro.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 33C0 32 KB
32 KB 23ms
22ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230119242343914_04_kw_dji_mini_3_pro.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97030e141a7a6d9f6dc7e4aac71cee777505a13f0a2b5a0e7ea1cacb0a0b56d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2702496870353076224/index.html?e=69&leftOffset=0&topOffset=0&c=rfsxmYGuHQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:11:04 GMT
x-content-type-options: nosniff
age: 12676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32979
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 08:23:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 13:11:04 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12597292279779033088/ Frame 50E0 18 KB
4 KB 33ms
31ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ee5e373c649eee23a99b16421afef3a05be811a9980e1be5cba584151f64f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:42:20 GMT
expires: Mon, 09 Sep 2024 16:42:20 GMT
last-modified: Mon, 21 Nov 2022 07:28:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E784 0
0 77ms
77ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstivbtISH3eByZgkjICNOh5s-4anD-d0zyeL-REd99gKy9p4GchOko5vvk8YWLgpFaAMM_RlZuFktyCZ-sTkBRPcaPIH1uKASkXoJWNN_4snXx8tvuLzfFBwcZ-M5G9bAm2zqJCRvvCWxUMKYSRo5IX74X0gQYhrKCi0GoZVtzb7nbk7aemZhDNT73N7_d40aY9TIqczgJuLwB0rqYLZ5_C6eTYLMtzpCgtRj1-5lOY16B7ZanobdwugKcAG9V21rrwagj8mc5magSjDGf1_npuk-2RWPpqXAdDqzxLmlnAUnnj5vG_t4kXksP-o_-K0NI3BCTmodl-qjDa1xU0iKlyhOuccPBgPwChEBccNarPoOXR7uMsJmFj70AkEvzOgzQ0PKfW4lz45tq1-EgO5bgI5LCyLH9uLw2V8And7WUMHxwI_hF7bC0XGTZGrJ8A8NAwadHwdDKEaFl5VqtFrdDJph4w9_-Ll1Tj3teyO8dmZlm_kwiCFOxMZdHeQI5ylEvhJrnkZGswuRT76XgxsbBWPlKrnId47u1NGzPh-c4y0sWdq56-t2QBI6ctpWF3tW3k6a_uD0TjcTPT_RDT8GLHSa5ZaVNKnyejVuQIPiID8BvTvv8rPrSysBQnXBTgTHUUxvg2jhP8L2VmQDZhWXKcP5R-1rZ5okp4KT5ubW9Pa8cmYsD_aPuxicUKDVBsAvRvEIkZc8hoMtLclyCJFDVseLnShcOQIQLuo9V0T1JcwhPinOwti9K_yKkEfz_UMvRnOq91nRkIgp87Q9hl0KHIOkEk5A4lFCxE7tnT-HoAJC2MTA8y1edJbuV4VAUvDkw7sbb9nHyvDZlWJG6egZWUpCIlpbEeGAYr-yEKuzK2azNMuxxwLaQuhslTfamu0luIxKXxdTi_HUb_yrgBVxEri6G00EOdR6-jrpIOQrefH7XCi22BroGOMmCIGCv5Fs5BqyLrMBXO57g5JSRY_tuGZLBcPa6Z_segfiDHyPc3oZ75BbD6Tv_QRMA_iKl0_2VOHx47UMu8zrAOmQakiRKcRivTMioY7xIN6ZHItc6uLM9ojdizJ61KO4oEg25Wzae4lhaV7qhK-HLSh7SMy0psUifedCIohOL5ZAjCAEBGs8lu9VE2HYsKzBleAlQAndyDv0kgkrCVcE6SbYr7-K6f4HrPJmp2L98CyX-d6ND2gWX58QO6VG2L6kM5GBmcsJrGhnBFCBMFT1WqUw2j81-7lVqoPVCLR5IOoXWrKDJmmradNFqrfwrIsM2iANQODHx_lB-mjUALQYLwTGLVFcHazZLGQr6voVjLtjwGNO_WEzExySNzWKDT&sai=AMfl-YQBeuUMpc5kxHBCDFr65c3B9MA5CGLChXBgFqd-2Auo-rAWLLgPjYbIn7Lsffi5WbhoOOL0ziOZRlnyOap48aOuMy2eDIvQcL51odUiIR9Yr2bLV5Lkhq9cOWKZ8byTAO9EMTZgXutNkz1bk2DggJo56zJKTaiMEPoWrAabzehWyN769xOfX_GtvS-SdtgsaRxh_Yg2JDIvuK7T7HPzJnw13RDbjQvHnknGrz93CjKBmX_Fr8WLXmcKggUK_VshKE1zIfMdhzjjdBO5DXWnJx6jL6EkLwcjzUxH&sig=Cg0ArKJSzJE8_cx_zXUUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=309&cisv=r20230906.94731&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B48 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 209753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 09E5 63 KB
25 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 09E5 120 KB
41 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 06:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 06:12:14 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 09E5 7 KB
2 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58023857e618007c2eed153d50c90c290e31677b495ab330eb6480f729175557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428867
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2097
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 17:34:33 GMT

GET
H3 400 css2
fonts.googleapis.com/ Frame 09E5 0
0 43ms
42ms Stylesheet
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame 09E5 3 KB
3 KB 46ms
45ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4902406/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:17 GMT
x-content-type-options: nosniff
age: 363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2869
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:49:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:17 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/3732934259778781184/ Frame 09E5 22 KB
4 KB 26ms
25ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3732934259778781184/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e46a8ec58514255aedae877395b5a33ecf0576eb368690b64802b1d4718627ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4157
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 14:58:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 07:59:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8174 0
10 B 28ms
26ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Vey0HQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0CA0 22 KB
8 KB 33ms
31ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 209753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 33C0 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 50E0 63 KB
25 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 50E0 118 KB
40 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 04:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12597292279779033088/ Frame 50E0 3 KB
943 B 29ms
23ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12597292279779033088/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf870fdd887a3162665ca7a09e10ae3f7319cd56fd055b27cbf2454884e2d3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 08:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 07:28:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 08:00:05 GMT

GET
H3 400 css2
fonts.googleapis.com/ Frame 50E0 0
0 38ms
32ms Stylesheet
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800;800&display=swap
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12597292279779033088/ Frame 50E0 14 KB
3 KB 31ms
26ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12597292279779033088/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8844d346f49ef9e1fe21ea91e55fc68815ca43753d854359b3eb3153d70c6945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3085
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 07:28:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 06:22:15 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55FB 0
0 64ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyyjxWURhXF_VpaepYI_VOwIt6_6tEInWH-i-uVLDnc3JU0M3HrC6ixKWS9JoDIF3q4dIalepUEYERFM6O0X9w7ZaTaa5vzn8_6E1j1WyeixOFHuQy7lJRuLL8kpFOW5o24TdScqONG_Z5oWsBRCi5ZHcH6MxTbD1yT1EUoe2yWOtPhLmK0KB6UQNTcFEEiHMzRpjFlkWq9K83jJ1W0bDcOyWIOW9dMnfyciZpZ6AVXZs9ZcHMdUEH6fXzwImLoXFCGCKmotPZiUpgWMoL2-mKhH0oQWTLP3zX3fV5H0a5AnO4SbAZWLdv21aFPtgatI8gkpRm6DNi7sJ274wCKXivzQmBHU8bEspb0hBvz4tIiUO7BARxLm0YI26_u0A4TysOZO1WPQ4fZ_GgFP1hGKuQlCsDHJokmLxW-bBHg8QRdffzy2AVfgTmdJdxZZe4ZLG4L-tqwLUGQHkUuWCZdqpA-7TZbRQBa-3FW-aUyTKJVQ7E87vI9VZcLjrvEz-VObf_EaOXrTZqcA9BwIzQ_FmBA5KIfN9H45mfa95PdIRm-0vprD0rOukgR2QEWyt63YYOqmagmsZW78b28GPyeGypOkunLJcOuyud6E2FwaQDpkED4ErxLzhp2j67pYcPHONELHiX1ULCnTDCYDZYf4lZHbjLjEeg4DqsirwWwsngqBaonixMHYqOT2fkHWQe2ZQcPjewtinGJfVUqGkZqCgiq7Qh2cw8AWqvLF5NZ4-oa8ZxybGP5RQiVAcKmn2oYau7Zw6oWP4U4lRvFf-N5aIqG6CbTUKnLAnUQ4LnBTimb26I3ScW0EoXkpYm5BjjXXVUVyto6c_Oz-0ECjaAv48KDIGyXesMTDFRtyj9tAra61yiiPrDs7tHeiAc2HyW7WTx4aPL8tgqjcDUZ-23NK08CR7Aqe4gPmnonp-L6ndZeNX5c4bHvnOudrRYFgwRnx600SVEAEvJTDfQ7ttIwMJgETP58tulKy2et2jqJ1ckFeZsWQtDaNr59tye-i0czz9fNNqHOljDW11n7tvGMs0VbfpjaVtIokGEc74jwVgjencShRR4d4UE47iWBZlxydhCgtvSgNpoQDqkAnRjFSjg5koMhl2LtprHHSgyH0f8C6kSyGvTR1xBaQJDlHcgft6QeOrngVKnKvkXkPOKH7tJ65TkrtN-jRSgI0_COYNPHrQjd4ABBkDicYMRHykI6Lx9cO-IDXWQrNceQEHB1stJiJQpHI8AtMRlxw_MUYqDRN6MhbS9QPG5VCiqP1FSCuaj8NlrkGGOUCRSi3Eb6qqS_1a7FCjdhHyKvzjdtBmO&sai=AMfl-YRs5UFRtQ7O1FFUz_-dTc1IiZ6mGQsIy-5t0gBVUgwV9KaNtTowVExl-aI-MZ_AfZ31nN4PLRQoOIunRA2jSBpZrSdx2vZVYDbS4EdyzA9L9ZJPOWLURG2JE8femDvizSFvze3WlyN0fubpAqHyV5F9HjgHfvYGkQ3XmT6syvb4aPqGzXZHj3phL7FIejPGMgyBPqFbMwC56Wlz5ObNdskWk5kSkO1Svthn0FMWc70PeNnWDDEvrOfMiydNtQ9rF5E6Cr8AAYVzlfS46BRU-Ba8evTj_yMVI4_N&sig=Cg0ArKJSzB9ayDcqz_2ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=946&vt=11&dtpt=602&dett=3&cstd=337&cisv=r20230906.35592&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9881 7 KB
6 KB 66ms
66ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f444a9cddbf215edce48f54d451e877f4fbf677eb2a253d67967b56c62fed35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5768
x-xss-protection: 0

GET
H3 200 60003574_20230808061016065_brandlove_bg_970x250.jpg
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 9881 48 KB
48 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230808061016065_brandlove_bg_970x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2460ccc2b83ba8ba3ac78a526fa2ec6eda01e49ef4f9baf7869c259cdbfa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 08:26:51 GMT
x-content-type-options: nosniff
age: 29729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48655
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 13:10:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 08:26:51 GMT

GET
H3 200 GeogrotesqueXComp.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame 9881 19 KB
19 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4902406/GeogrotesqueXComp.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:21 GMT
x-content-type-options: nosniff
age: 359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19808
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:29:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:21 GMT

GET
H3 200 Geogrotesque_normal_400.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame 9881 22 KB
22 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4902406/Geogrotesque_normal_400.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:11 GMT
x-content-type-options: nosniff
age: 369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22172
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:29:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:11 GMT

GET
H3 200 60003574_20230815012631684_sublogo_brand_love_2023_2.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 9881 36 KB
36 KB 27ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230815012631684_sublogo_brand_love_2023_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b36c8a5b4154697f9046312f1a04443d48cd07b5de626b5c5a12e23ceedef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 08:22:59 GMT
x-content-type-options: nosniff
age: 29961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36658
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 08:26:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 08:22:59 GMT

GET
H3 200 60003574_20230828063202424_36_kw_acer_aspire_5.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 9881 137 KB
137 KB 38ms
37ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230828063202424_36_kw_acer_aspire_5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2be1802b58723e358c3ab791c482ba866d44a88668d56d1b128d738856470c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ynOQpWtdzG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:13:15 GMT
x-content-type-options: nosniff
age: 26945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140218
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 13:32:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 09:13:15 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B48 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 3031 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9881 17 KB
6 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CA0 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14740
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:26:29 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D458 42 B
64 B 147ms
146ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssl1wnmYRqzHwzBGW_kYfm82bZqHVGnhD_b9AFe9rc8EB51_EfwAOFYtPO9HNJ8nmIgRTR9oNuwNhg97Evo-o8tEgRfFZgHU-WWRUE_QmlnPWC2AVHIjNLWpJAXXv_F9BWD4dCFF7p3QA&sai=AMfl-YRZ6VfgfaMmJ_9mubGo8fh7qGfClAQVdZX8G1RL-89bG7RZRUqH_-9BTrg9WXoqk0DmQmIxkyoFgK__CvXIumLN9FqxYQvPc1RdkOiZAhCba8NC2jSVyEsKDDsPxargxjN36rPUs0Gt3MBi&sig=Cg0ArKJSzF5rSug8HOYhEAE&cid=CAQSSwBpAlJWk77x0IfB6V8uS7q-FokyABTppClL74Jcradv7Q4prOYCbQiFa386lcqD5BXzZYmCn9fZqAc3atkQFdo4DTSieoi3RCFqqRgB&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1063&mtos=0,0,1063,1063,1063&tos=0,0,1063,0,0&tfs=507&tls=1570&g=100&h=100&tt=1571&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E784 0
0 63ms
63ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstivbtISH3eByZgkjICNOh5s-4anD-d0zyeL-REd99gKy9p4GchOko5vvk8YWLgpFaAMM_RlZuFktyCZ-sTkBRPcaPIH1uKASkXoJWNN_4snXx8tvuLzfFBwcZ-M5G9bAm2zqJCRvvCWxUMKYSRo5IX74X0gQYhrKCi0GoZVtzb7nbk7aemZhDNT73N7_d40aY9TIqczgJuLwB0rqYLZ5_C6eTYLMtzpCgtRj1-5lOY16B7ZanobdwugKcAG9V21rrwagj8mc5magSjDGf1_npuk-2RWPpqXAdDqzxLmlnAUnnj5vG_t4kXksP-o_-K0NI3BCTmodl-qjDa1xU0iKlyhOuccPBgPwChEBccNarPoOXR7uMsJmFj70AkEvzOgzQ0PKfW4lz45tq1-EgO5bgI5LCyLH9uLw2V8And7WUMHxwI_hF7bC0XGTZGrJ8A8NAwadHwdDKEaFl5VqtFrdDJph4w9_-Ll1Tj3teyO8dmZlm_kwiCFOxMZdHeQI5ylEvhJrnkZGswuRT76XgxsbBWPlKrnId47u1NGzPh-c4y0sWdq56-t2QBI6ctpWF3tW3k6a_uD0TjcTPT_RDT8GLHSa5ZaVNKnyejVuQIPiID8BvTvv8rPrSysBQnXBTgTHUUxvg2jhP8L2VmQDZhWXKcP5R-1rZ5okp4KT5ubW9Pa8cmYsD_aPuxicUKDVBsAvRvEIkZc8hoMtLclyCJFDVseLnShcOQIQLuo9V0T1JcwhPinOwti9K_yKkEfz_UMvRnOq91nRkIgp87Q9hl0KHIOkEk5A4lFCxE7tnT-HoAJC2MTA8y1edJbuV4VAUvDkw7sbb9nHyvDZlWJG6egZWUpCIlpbEeGAYr-yEKuzK2azNMuxxwLaQuhslTfamu0luIxKXxdTi_HUb_yrgBVxEri6G00EOdR6-jrpIOQrefH7XCi22BroGOMmCIGCv5Fs5BqyLrMBXO57g5JSRY_tuGZLBcPa6Z_segfiDHyPc3oZ75BbD6Tv_QRMA_iKl0_2VOHx47UMu8zrAOmQakiRKcRivTMioY7xIN6ZHItc6uLM9ojdizJ61KO4oEg25Wzae4lhaV7qhK-HLSh7SMy0psUifedCIohOL5ZAjCAEBGs8lu9VE2HYsKzBleAlQAndyDv0kgkrCVcE6SbYr7-K6f4HrPJmp2L98CyX-d6ND2gWX58QO6VG2L6kM5GBmcsJrGhnBFCBMFT1WqUw2j81-7lVqoPVCLR5IOoXWrKDJmmradNFqrfwrIsM2iANQODHx_lB-mjUALQYLwTGLVFcHazZLGQr6voVjLtjwGNO_WEzExySNzWKDT&sai=AMfl-YQBeuUMpc5kxHBCDFr65c3B9MA5CGLChXBgFqd-2Auo-rAWLLgPjYbIn7Lsffi5WbhoOOL0ziOZRlnyOap48aOuMy2eDIvQcL51odUiIR9Yr2bLV5Lkhq9cOWKZ8byTAO9EMTZgXutNkz1bk2DggJo56zJKTaiMEPoWrAabzehWyN769xOfX_GtvS-SdtgsaRxh_Yg2JDIvuK7T7HPzJnw13RDbjQvHnknGrz93CjKBmX_Fr8WLXmcKggUK_VshKE1zIfMdhzjjdBO5DXWnJx6jL6EkLwcjzUxH&sig=Cg0ArKJSzJE8_cx_zXUUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=666&vt=11&dtpt=348&dett=3&cstd=309&cisv=r20230906.94731&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE89 0
0 70ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnKdWQ5NSWETpGFD6xdd0FoK9ztXFbcwY3q5G9Z-fWSkhYc34Qgoawf7HkwEaOg4SCcBnKPqwU2KrWm4ydR-Y6Q8P6ZylI4mm7aRqoQFHBW97bSiYAtP5ZdqJzhfbZ2WWzhm2f5VtAazvSn6NoF0NcqhIZ49dZVATcr6vh4VQ-Sfw00ql981bvg9Ru3xfInwel7taMLF_oXbjr3GuaF3T6qtFrBn0dOwyc4vliq-ADkBuq7UGA0NSiAXQhMIdZ352Bj1FRmsEvZhxs4n2HcCj42HnXZY-Jlnq919ZP9ls6o09MW6aiuXcpJvf2eafZ2LQC0bLD09PPtzB5DyzxKAdaknNDsConPGez_-q_iER3a_VdPdLLILtV_QwSimq5vZnZID4iBi4QZEk1p2pEP16jfiQUwGhG-Jg4y6YrS8v4R3yrWwHBK52HFkB3Qtf_JU6sKDTO2A4aINpKFh0YFILIRScFvIcd49lT1M2Z2eLWWpQTYxQbGRJSVcIzNi5kfy54lh6hp6H41ycjFSZsuMdLGB_lvlUQbYNPe6KhkuNj9t4qwDBH-rgLgRB2TOPsDhFbP3oZHRTGWEkIQCe_DXA7Pm4VLNFiPWRarBg-9zbXR-f72hqxkE2cnjeKULHFx4RTPYTOYPsUge8Cedz81TnTMvVZQXI19hMVrHObPfKuMUkLsedTTqHK70O-O5aXhSTyy_kOVkXpEnTylbhme-wpdg00D3LKV0yiN5Xp_TFiyN2X6BDtbQOVZHOb-MsBy_elFixlPmUKvNXpiSDcN4nkMhu3NUjsOGzcmIU8T4O7rRhRwFX-Kpsm6tyagSvnlYlj8QH0FDoWGVlnRuZnC7KzgbFye7q3tkcz-tf5Nm4n1sGYV6TlYxATIUeC1-DAUw4rm96GpElqLT--1Oc77gLTA2iE2yITyZPDJzflv4Rw9-DZ_n1oEdIQiUwWUPMRhZOjl8SdsVznenbP7uWLhbX01dEguyb7PWq9fvXpXDKjowUnxpZ8Gcuj_8TTnmThzn4ZqCmBNpUpHXHLYwfevbsdlN47wYiGMW_IEGr-34jwV4I2CM01kPt3KlZMHT67fcvyNQDLEpOnUNrpmFg4VSJLXNmVDZOyRiFYVhSEpi0KIvZW3QlfTt4GB3thJ9LQJFsFUVwsTu0Sf4s_e5AD7zt46xKUAHwU4ypi7g08EXWOlbZHAmZNvv0VcxexqvoEPgOhwgBPHLRV1abH13u30Hy9-lYGDVPkxPvFisXMqFJxJNbyfbW5c2ANUxDMayBBgSukn61hASCszv_m_pylF_Tqa6RZrJVH3mh6XH2Lzypd&sai=AMfl-YTcTfCV9Ou1gGr8ws8uw_pvZlo5AWN1XMvwZbjF0T-_F767He0EIWlOfV8TSOkErKCRq2pIJJfp17yeHhwYDWHbWWQOKed2eUnHkibHILKmpwNygGDRdzOi0ZFwVpsL5rnarwVbrLjrjtQgNwj4YbZfi8NhLHVzKAMv-YZ69VVvGtK762oCdL87uCDl5z11t7P8bNbCRelMibvgaulJk2ZlgcSafQoXtrjrwXlg9LVnJiqPFx5WOmfNEuBM0Z-cqXIVeeJbWDDVnBwfN9Prn_8Yyq34YvdJ&sig=Cg0ArKJSzFEMMKCWHHT9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=768&vt=11&dtpt=527&dett=3&cstd=217&cisv=r20230906.19702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/lio404wlnusn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 09E5 7 KB
6 KB 73ms
73ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa19cceed9f19143cd2851faf4bf98c33286d3b60b0682605cf6410aaa549249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5702
x-xss-protection: 0

GET
H3 200 60003574_20230815012631684_sublogo_brand_love_2023_2.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 09E5 36 KB
36 KB 30ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230815012631684_sublogo_brand_love_2023_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b36c8a5b4154697f9046312f1a04443d48cd07b5de626b5c5a12e23ceedef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 08:22:59 GMT
x-content-type-options: nosniff
age: 29961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36658
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 08:26:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 08:22:59 GMT

GET
H3 200 60003574_20230828063202424_36_kw_acer_aspire_5.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 09E5 137 KB
137 KB 35ms
34ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230828063202424_36_kw_acer_aspire_5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2be1802b58723e358c3ab791c482ba866d44a88668d56d1b128d738856470c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:13:15 GMT
x-content-type-options: nosniff
age: 26945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140218
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 13:32:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 09:13:15 GMT

GET
H3 200 60003574_20230808061016065_brandlove_bg_970x250.jpg
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 09E5 48 KB
48 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230808061016065_brandlove_bg_970x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2460ccc2b83ba8ba3ac78a526fa2ec6eda01e49ef4f9baf7869c259cdbfa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=xpx8KIYZtU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 08:26:51 GMT
x-content-type-options: nosniff
age: 29729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48655
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 13:10:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 08:26:51 GMT

GET
H3 200 GeogrotesqueXComp.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame 09E5 19 KB
19 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4902406/GeogrotesqueXComp.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:21 GMT
x-content-type-options: nosniff
age: 359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19808
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:29:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:21 GMT

GET
H3 200 Geogrotesque_normal_400.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame 09E5 22 KB
22 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4902406/Geogrotesque_normal_400.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:36:11 GMT
x-content-type-options: nosniff
age: 369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22172
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:29:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 16:51:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7094 42 B
64 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssK64anM5QPSZksa-5K3XRyyCxRBuhiFurxi6zeL64dlUaW5SOmNXh9ByHILkEvS95i_slLGK6OFlcKx9Hb5AQIZBMZ3Yaulq95fyBPUQfmrw0W8nNspsLc4tm1qhFicwSl5yJxuU7LBg&sai=AMfl-YSeWkB6c90QI4cAmozq4AsjKr-0bHrnQ4FwZLTVjJHpY-aWCf4i83-RjMi1kvDGKcr0-SOk8n6Mp1fqmupaYQQCES0XRZ9CpnBiAg3yXfTKPwTmdZvHHc6ch9qA74aS-gBsF_lzaEJA_-Hb&sig=Cg0ArKJSzCViiz9O5YTtEAE&cid=CAQSSwBpAlJWCfIG6N-Z-tteEJhiMc3c0v9xMnwWTTB3hDz0gCsssn6sJLqpJRiQ7OcZbCBmHYnpfs7_WST37p1_Ec5S9PMsgmq8dqTnaxgB&id=lidar2&mcvt=1071&p=231,315,481,1285&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4139417846&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694364138975&rpt=574&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame EE36 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 50E0 7 KB
6 KB 92ms
92ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f934d9aa251448bcbd7076964134d6d3ea80d780a5584285787abad709a8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5747
x-xss-protection: 0

GET
H3 200 60003574_20230821051405813_36_KW_SAMSUNG_QE65S95B-0006387576.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 50E0 64 KB
64 KB 23ms
23ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230821051405813_36_KW_SAMSUNG_QE65S95B-0006387576.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01cec33cb7c64da3cac8f1b5f02342fe629ba2d25aa928d25bc7d04dc7fa7a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12597292279779033088/index.html?e=69&leftOffset=0&topOffset=0&c=Sy03PJS0JA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:19:11 GMT
x-content-type-options: nosniff
age: 26589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65475
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 12:14:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 09:19:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 09E5 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 50E0 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 16:42:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD0 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdQ7o6vH9ZIG7H6689u8P4LSZ8AMAAAAAOAHgBAI&bg=!ra6lruHNAAa6D61Rmg87ADQBe5WfOM2tnTnutXeWS4rCg1R7BEDclTaHWLt7Pf8tqheme9X2tCHxMGH6FhCz5Vjem724AgAAAutSAAAAKWgBB5kDDs28sJ9dDwduXqxBaorAPb7lNmUf9Z4EzxWjT-bFlVkcVTw1VWQlWKovkiKb8njVUdsv3Q1Cew-_PsmYQkgAzxnm_aY60a4H3khfro8HRJy84JZqPbz4W9hWCAAD_7VPfugJVe04Wb8iIJJtsSc9r7bBMwqnX8neIl1Q39afH70ABQpfGPsS-sy_J60s3vVNETbhBBdDFfcmBF-mYum7gNgVM45btLubhx4ywRsq6A_yiUv3ObShwW8caVbTQgrJi33Xa9XAVwcWxXIMEsPhpLemuxzP_bwa6bgU5kn5hrxsZzfIrWF1qPMWpF279swdM6QPL7lRjtYqdgN_xVIVwLYrA5Bj3ZfYzG30WR63egZAvBCaPmfbQNR1ych6wRJ_hEHLFkeFs3bxqmOTzQ-aqulpMIMWLqAeR-VeoJ9RsdK3NBEtHL1sckVKP3FX17MvY7KA7Mt9msUbhLtRh-rw0Pq9O5NnmdpMnO0iK7CPTH-sVPY_uzDE7EkqiiDeqlDdofuScKDiRV5KUpN45Ah3F9PzjffoRFLnl7OVV0m1ka37T0U9e8o1CB7xUkkKN4SRpyKj_Bh9Xlxrn6ureowJSgRfwccl3VQSMNkPn_L0EO3dO366ML4AUzSVSzVX9nMHAxc2RkP_RlLkaRJ310L5eKBWR1tkdtHsRp3PQASuRPJwmjqC8AUWbiH_fYddJYCJ5608IsKHcA_BWLvdDVHqtV1WZ5T8kTBGiy3wEW5jWYU_rjThTBA8TMtATmGQVGKdGroxz97NLaxTOwJd_IUG-kjA13uqIpfgIr7O3goQXTrxfcZN8_0XD38OrOWxJPXNLRdiz0HdYz8wnatIV1OXMXlfOOJx00anuaj6iwlrXBC__Sgnmg7PH5PtRdNIeLZGFe0c8QmJakdFQLux_t5Fv9-SIIr4sbpI9OgMysZImrtY-tCbhjmEPXJVApUvkMBZ68IcR5q129Sgg5Fp-xvkeeT-nzCou84IspuYMAQYu-c4AoFpVJq0HpNbtgT_TCj7fVumkQNziqaOkIJNCL6Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame DBD5 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F733 0
20 B 129ms
129ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BehE66_H9ZMH5CfS4x_AP9_Ci0AMAAAAAOAHgBAI&bg=!qqmlqebNAAa6D61Rmg87ADQBe5WfOPgJXijh2-zHWiIUVatW7atKunQA5lOKpXOOKZnI2lt4b3rjEDIkWeDQRifAiD6KAgAAAoZSAAAABmgBB5kDEED4Gr4WsH2Kfoa5PualU0IGmgkAut1nzf3vqn3fcSZMrhD2EEqW-4PoGppjOwv4DvSpXwWlUmRXHYJcwQ3s2bZNf-3e5Gg7Bs3HC0SnC45nl8qb80A49pfiXtY5ZsPw4trZSBOik9C0W2PvgfPJ5uCDHGAoJNEinkwIlgrz3B14BfZbZhqjzKZ6MOKafaavqMvz-mQwCW9I_xdFTBfZPP6c7fZYubs9gxo6haSlrqai50Gj6_zYeZ2equALJE8NXklDZrPZPOvmX163aaCygsp0BKIRWTcIOg8rGO5B5sNrl_Vas9bx65mKgnebbVSpV6cpC4zCG8P05n6lZp_ydlp7XSQECtGg64MBvpkgL91xjE8KvXD6y65MHezRyxOdE0fLjuYnwojM04BXR6HJGhMLpQZSSzPDYPj8LFPZqErOcwvC4-RFUAFjdpMo_B8vNV64BxpaOdILLsWKFUB0H7sNL8dgFINIXrhFYNaBYyWHc4Oklved2MfXKDnOw_LlY5nMj-7Jwu-IavQDowLo7kio5bpmFFEED7kYyBq71kdMiSLr01T8lzZX5Oxe2X0kart8WxNkMU1rxU-CZMWCYW1GYWtd7P9wSu7jg-oQQpTnIHJSmhtG-wdwmXR4rQhrEt6X6kxdEIvp-k3MkxT17N_qoX9gf5y1bGKZfw462CaYpdK3qpSw6YAYUhrXSXvqorBH_ek_2lOc9zIy10X6Y8DZZO0mq2bH6g8wiQ6t5u5_E3F_y56v9pRgYEG1K2pBhGBXh1yMnv-V8R4QC3CnsDvFbMO2IqVUkGP-fNZH77sQNb9HUbfs9C4dEF1ZOXOxgMKo3FVatAY0wUWDP_jXq3N0NRe0_ezwUIHhy-a8vpXg2ISBpa5upvDjMW06u93mJ4TH1Odq5My9m2Vqn-ZU3NpUoRwc2yHAiiuZQJz6uU91Di0rwX5jRy30BIM70AGbtHmAwFhKfv20Y8kV92dYpr7B-lVFJ9NWkEozFZvUgpMD8qAFpWPTn7zd5oIj9nAL24WrEJRDZ2Gl_okGdFg94xk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame D334 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE89 42 B
64 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2Fh5lTmGuSBSnZ99M_2o3wwK2TqwHn_iuM3hXy2tg-z5NxJZFx3k0QwynURY_DFCCtaM57G9mWt0e97YAsXPOMh-chWObHKReIUEDF3AuCydP0HumJT7uXVjjZI3Ox3NMt_M3rHBqoQ&sai=AMfl-YQtdJkIenX4qgiZG2InKGcQEe_pD11Pv3IcMGL-1PeIaUkj1JVHkgFzI4mw1uNukTBMdtMVpCaLpL1X0KfQEt2kgh8mo04K7MkEgQz3srv_8VqloO1Ug5sHPFkmBQkX1RrlI2mUgZLU4lnK&sig=Cg0ArKJSzPN2Hr_P-QI2EAE&cid=CAQSSwBpAlJWShs0pHHpYbJKav9Y099ZbaT2uoXwB81IQAcIYuMyBz8IbH9EeoYVWBmQlw903ZYiWf5eF0WiKHXRKiMN18a7EB-0_gqv7BgB&id=lidar2&mcvt=1029&p=611,315,861,1285&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=583070209&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694364139070&rpt=805&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
128ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=4070046320069164&bg=!goGlgc7NAAa6D61Rmg87ADQBe5WfOCK1tYZdQadAPtahKSSD-KnaRj-Tm-C-i6nYDJSPUtw9-dp4LDHatNHjcCgVnfkkAgAAA31SAAAABWgBB5kCrmflaEeid_2HQf78hCu7vr_4lsIhjl14aii_tLexPa2oUs0R4-LQLJtIzpZVhtLezS724w1RI1L3nN_mdK7ON2q-D2kHSStf615227PqXu9-hOvMfSEgE6OIUrRkHT6bp7Cwl-iwW9uE3qfAgW8HkrClS3KemXokfzRJbT4Jz2UzdBvUjoc47d_Z-KDuSKTF-8nAFgVQeDJpnwkHEqVVt2bznuNnhbROgxkXcwyyYiu4Ajp6BVJgow9QFJld5n05lmBy0lytHCb7pjDbKgMoNieEwe7o-IwIA86kJSyt7yvFUae07UKNQ9Si60W7LOXEs6DONPig-5mPUD9Mk9QS-h30pAaBdPnWojJCN_0azHomnCgLpEPSUEDZKt8Yo95g5OCuGIekz311uQZmA_C_htO3gmceFvti6lOF4myFzphS0eXYFgp5mosV0C0iuZg021zMnBEx_spV6GU0NPMa2DU63Xw4UAqyM_AbZbq5oJ9afa46qDN0_X1-LlC4eYfazEieLmXlxOeLOxaFuYT21YPJk0pvXl6WCZTYhEnQ06E9XUa3BILTpb1bSOanxLuK8CUwJWeXBpqrLgtMTe2tcrOmdleI4NUgC8RHZmXuULoIbPZPCM42NxIcslDmXMECN2-iBESLzpz4BjqpRMp8pHfOBVryz1WpwNYBROtIAaTe6t93IT4t5FbsAhwuuZAbvo6HYb-YR_PiWDrQQwXabT4Aig4wZFekvKBY7M6DwyoNxWtQVI8tYn-o2IRByOZF0vd3Y-C5_4V9O17H5BP2L-n_q-IqwJxw185APdihFQDXrfLhui4juQz5LX3eG7Kmgbxye_BMrAMk_l2NfK2a2poddpKbVOCTtUFBbEQ9Lo4DCZZXpADTbu8ekjvJdbYwFa8fhkxeiGYIl_Wep-rw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B48 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXKvr6_H9ZInLJozf-gaGpaa4CwAAAAA4AeAEAg&bg=!7e6l7qHNAAa6D61Rmg87ADQBe5WfOHSC4AouH7IXrRwWFivG9BQwJCmLwDidUGX-BOoW6wYIYzmeSxvTNgP3vQflSjnYAgAAAe5SAAAAB2gBB5kDDhdtO0c_kngJh8ktEhVax57eYBqdqNEr9FNO8vxTgxKk07Ev2WsxZR0GSVxlS_E0-CcaYZms95m3AhhYi1HSRAgsBZ3sFnH7i3nJmMeJScSvE2F2hHyCkDqsi1_GgMyrhmeRYMGGp10P72OFZ-vClUL6UOLkcOw1kdtoUt8fypQbo-bX1Rf7j2kAQquUliDmRO-2OXY6BVuoQT3pAQ9ZELbWSaN5vEjEtK36wZUtVwRaRcegcLVNANP9i7um4M3J2E7UdOBUHzKXQPZ5-ETDog57FAQA2oI68eu2PZdEg_hxxhzVuL6CcEYsqUyYWfEQuLJpd9gXex4MFRMagc5Ul3UtR4xBUJDDMEXKQUbhnaA3KkBjz_RmsuBqsa4fe2ra5Ql6UrAZ-TbjR51tTd5oQ3g5Whi3OvD5SBzID9E3up14vYGuMHlE_lxxO2BQ6s1kZHNVeAfzuNhIJhDehDRqQJsYNUS00QiuLracbkEtm80BkhwuxTvwpIfBuCZbpG95UhpMyH8ADuN5hh1tVFbDObMUuTLNijG2K6shinUb0ZJVGzohea3NG63zLda47P9_oGjwAtScao4O3Kz2epIagF-yixvKmLYymv_R5OVxaoe1k14LcotTCrHRYnSh-4-b3JZJaiJXiqR5HjMYfNU9y0E6ATxXftK_M3nb3HRqqCkm3OJvVY6G4cnWKwDRPRsZev3p286pX1Ymqd50LedJ3Z6m2Z01uH1iPXpIvoxyG7a8Z76dsqS1mpp43-2w-orOWQADEmvRJt23NiozM5aDOu7vaIX-tQBK58TBWoOCtOXTbS7i893ynuQnFiZs2gxCv2LUp_AVy0gwW1AaA3Xei-C8Jrbdoa_klbQi_JvU8_OyMjTrj_V9m2CTMsZGIO4Gi1A8xJI3cm0wbQhKsOF_Kbs4ToL9hxLn9qVY8uoheiELMfp-ShCSTk1JBPetVLIJKBBUSDNMoXu2rXPNB3kHfLoPYqVqwWmK7vDyhehqXKIQGvlulqCiegBiTMWM2QUG6PU8cX_GQj7o4mNw01ZV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CA0 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv-hz6_H9ZLaYJ_u7x_APj8KOSAAAAAA4AeAEAg&bg=!-Pul-7TNAAYoa5rMCGs7ADQBe5WfOCQAQuLV0er6bzLygjRIHafc-I0dQ1ZlvcYi2pEoaKaiyp9o2K7PNpIFgZwyfPf5AgAAAdtSAAAAB2gBBwoAZPC9mlOxVBBScUUiecpuy3iY62hE4KhAEdATi2OTkQCDTd2t4EnGnl2T1SYsOqdq2BuMqO5sVf4H5SsAVp-m5C9xhiyIpRWnIVicGoXEHnf2tsP-GiDgFWLeJ8Q69VFxFFp9OxiZAxsv6zQ7Kyj4Ux7SwzmvpRRaruDnTkDt0rcHAeEGmHnNoiAUjDesGviUwEApCbAITv5S1gwIj5fxRGsTX8Ckc58mqG8Um5OD9WY8I7BH6yeYO0X03NZXzPmomvMhzkKIEuuFQ9ObcnTr7ZlRFIHHhiYXLoJinqzowp6zsbv-zjyFYdqoPoGCXddlTeBNpje5kjn0ERpuByXScK9OaLk0Y7IIOTBXRB8kBRq9YJ3VUyPrtfgjX6lhyp07dMr23Xf8LU1dw7oUtMIpEH_TuKQVqTXQEB9r3vlzBtAy9t4OJ8gkpVrx6kJjGNHR3mrwDEM4zWowUDcwAOcBVWIDXwqzyhSSXapPgVSX6ccbd7M7IevUijiXRcVss0dHqQgwK8KSk3oUTL9fdP2PCLekIc_G0lnk-rgfYlbcDe6G2MRj2c49M9P25yThId1_D0L4W1mEdzah6bHrA3Ho83phPajPYkkSxk5pQ3xtPRo6u1iX4aCxn7vqFb3UavW2463dPVDOqgfOiYj4oAZ1jP1w53CbsPxlZ1FMSZu98xSusViq_diO3X8xVK0Z9mhRp7XJ-7pjPLIucFBoAZSDVGX4uKlhTlEoJAFYmhd1yRWS4jjFnY40VOTNH6BERoO6nALwW44swmDG0tKSQgUsSeGvpnD_ZGjtHVuQXfNkJrrrWuQiSjyDoC44vWXl3bBZhXDHUQjiIZPPDcqCRf3Q0RH6hWAWxIb_lypFC9o5DBnZFeSQZicmrzSYV4-lnLyfy5KXBEBd3BTClaxnMq2RZ9ZuKPqCnUZ2-op0rIJzPpqRTaO9RNAQRPi9syXoge2uhesvvYwKubh8-Ui6d99xkJq3BgEDkwUpkfLvIfAZw_FbfTf68H0BIsDNwFo7Xj_1h1M8v4YL1_GJIQELI5fLrFtnCFsBODcMRl9KEA6MhPcbqTWFnqIvsMrKEZKTDgQ8vTl35knP6aoLPz0oKcZajBcnSdODjwUdKG0dTxcX5cv-ARhbCwmyo7YbeFMUlYifWGzHXm80qv2H3QxCeZqL3zlyjtDXLdFD76OaatdvrRGKWeo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E784 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwn1ZWagBjc5FPOzOUTfBcJAuilGpr8H3xB4IkPTsjrlT3mqVnnaailFDKALa_ku8pipPO7FM0eqn46ppNuiCMAkGgFh_BbHMV0dAxgIp0qdgnMZSI_NpIpCtGJ8G51qwgRkJEwwtfuw&sai=AMfl-YT-gtsG_PMoAmhqfgFfKD4fF2YcO9DMXsQBFl8QFlQkcpf8Q5Ey3jzeGH_4xgaFoYPqvo7TO5Mq6JJsOXiuBqvXpUU3FgsV_l7C7voTYqQ8tWRE_MXYau7OtdUcQFlwa5dQ_Ddut9E1u713Kw&sig=Cg0ArKJSzJ1xG6VZIu_rEAE&cid=CAQSTABpAlJWgvWHNClTGNLt508db03KJOKIhngWD0BQQlxr9rob2gHcSYfjZSpyBJXZFCx0MCI_oS3MxqJkM6WuhhXQhP7SZsneUi0EH3kYAQ&id=lidar2&mcvt=1008&p=1074,909,1114,950&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3992249615&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694364139102&rpt=813&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55FB 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2875322859290&version=m202307240101&ct=76&x=1&cor=1184866595718951000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E784 0
20 B 123ms
122ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4870407661052&version=m202307240101&ct=76&x=1&cor=2071278019984008400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE89 0
20 B 123ms
122ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8835195119286&version=m202307240101&ct=76&x=1&cor=15994746715406537000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 16:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Sun Sep 10 2023 18:43:17 GMT+0200 (Central European Summer Time), path=/
live.demand.supply/	1970-01-21 00:15:24	Name: demandSupplyTi Value: 344da3e3-08bd-49f0-89aa-30127ce8acc7
.demand.supply/	1970-01-20 14:39:25	Name: __cf_bm Value: vbmWZFM3VtsqGkmANwM3y1Mg3Ksn6vwCnBleSdqdSfI-1694364138-0-AUotATa9Yn13Uma9SyC5+wty/8YUU7dU7+2Aa8kiyVsTwGETfZNPSghwDTXB5CepdCn+dMkPvm1qtbZvGSUzAmE=
.file-upload.in/	1970-01-21 00:15:24	Name: _ga_3T7TKCZCC9 Value: GS1.1.1694364138.1.0.1694364138.0.0.0
.file-upload.in/	1970-01-21 00:15:24	Name: _ga Value: GA1.2.885750579.1694364138
.file-upload.in/	1970-01-20 14:40:50	Name: _gid Value: GA1.2.257185379.1694364138
.file-upload.in/	1970-01-20 14:39:24	Name: _gat_gtag_UA_119779859_1 Value: 1
.file-upload.in/	1970-01-20 14:39:24	Name: lotame_domain_check Value: file-upload.in
.criteo.com/	1970-01-21 00:01:00	Name: uid Value: 31045742-fb6b-4585-990e-7c636c8c08be
.crwdcntrl.net/	1970-01-20 21:08:09	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:08:09	Name: _cc_id Value: cfe46e8291c626dd0b2d8074d547bc2
.file-upload.in/	1970-01-20 21:08:12	Name: _cc_id Value: cfe46e8291c626dd0b2d8074d547bc2
.file-upload.in/	1970-01-20 14:49:28	Name: panoramaId_expiry Value: 1694968938702
.file-upload.in/	1970-01-20 14:49:28	Name: panoramaId Value: 85057f6d8be3e3afb30071c7a1dfbd9563ceb00b2a0f7d4006265e84e579d501
.file-upload.in/	1970-01-20 14:49:28	Name: panoramaIdType Value: panoIndiv
.file-upload.in/	1970-01-21 00:01:00	Name: cto_bundle Value: BziaGl9ETE82cXcwVTVySnZ4UVh4MzJVVTFhanZ5dTljdHQ2NE1TY21YSHBBMjQ3eVlUaktFZ2g1ZVYxTG1HcDNYYm9iQWxESFRUNkIwN3p0dHN0RyUyRmViZExrOUNWSHVSTnB6cGZRTERaY011S2R3UEw3NFJtS1g5Zld2QUtnSHF6bWJPUXpGJTJCcjVlU09GRzcwWUllUDhDM09BJTNEJTNE
.doubleclick.net/	1970-01-21 00:15:24	Name: IDE Value: AHWqTUmQVo0nRhNY5pBQXUIrAaQ7t4SUer2pgFgUe_vQUZfawto8iJ5qqqy6QrbA
.casalemedia.com/	1970-01-20 23:25:00	Name: CMID Value: ZP3x6.29sfMDigABrAlgyAAA
.casalemedia.com/	1970-01-20 16:49:00	Name: CMPS Value: 1178
.casalemedia.com/	1970-01-20 16:49:00	Name: CMPRO Value: 1178
.file-upload.in/	1970-01-21 00:01:00	Name: __gads Value: ID=3fbb0ed7679fa859:T=1694364138:RT=1694364138:S=ALNI_MYKIScW8KBsSzv7mYdOwKJ92cAZXQ
.file-upload.in/	1970-01-21 00:01:00	Name: __gpi Value: UID=00000c71a9f88bcb:T=1694364138:RT=1694364138:S=ALNI_MYIbvN4ihWzKSsXoXWxE95Q9QZGag
.adnxs.com/	1970-01-20 16:49:00	Name: uuid2 Value: 6347989067675919152
.adnxs.com/	1970-01-20 16:49:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jv#x^J!]tbPl1M>e)ZlrFUfJ+tGXxp:b48mNCJn]zQjXBBa98Z)9$R+k`dZ7Pmo>_D3If)y3KL9D3I?+v(2YR4
.openx.net/	1970-01-20 23:25:00	Name: i Value: b938c4cf-6d99-4643-8496-e57fa8155fa9\|1694364139

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/(Line 998) Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800;800&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800;800&display=swap Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25f60059d283cbf53ded62834d0c6992.safeframe.googlesyndication.com
ajax.googleapis.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
www.file-upload.org
104.18.39.155
142.250.185.98
142.250.186.66
151.139.128.10
162.19.138.118
178.250.7.13
18.66.97.88
188.114.96.3
2001:4860:4802:34::36
2600:9000:2250:d200:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:3036::ac43:b1f7
2606:4700::6810:5614
2606:4700::6810:8616
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3120::3
34.96.70.87
34.98.64.218
37.252.173.215
52.209.147.201
005c757cf592f5273ed6bb107619c0f49c1357a44f3f58cbda38a1a25a7a748a
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01cec33cb7c64da3cac8f1b5f02342fe629ba2d25aa928d25bc7d04dc7fa7a45
026e963bdb72e24515e5acee4da611ca28b8bbd76eaba14cc09cfdf53350427b
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0ee5e373c649eee23a99b16421afef3a05be811a9980e1be5cba584151f64f72
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132dd52b08c5971aad919ccdef464fed8533fd625678f69b005575aa9c714db9
16256e67ba0b5977fbe7b7006af63db48031b0e33607a383722fc5f818fe5ff3
1a56a5a3819fc67f6d6f884075093c52b3132047a845e91c438f79802453cc2f
1a5c1f40e90f89b3a0a241bacf8cc84489cac883da0b6589d0159c7418306059
1edb8308475b27378fa7a5d502187ec6fa6e01a0a9bef65bd48daac8b571097b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
278cc9a8e1fba4e39a5e88c6803a1b103563502655218c36c49f17c538ec207a
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2be1802b58723e358c3ab791c482ba866d44a88668d56d1b128d738856470c48
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
351b84903f287454115f3a36aa81e929627d46a2446a557735276695aed45eb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c1483f8f5c3828ea27ec3b41bbe45483a444bfb70a0ade1b5055a831f89ed83
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3dbf199e3f44ad2a0d883323f19acfd61fed6c35f6bc675795d1db33252511d7
3e18cbf5a21eb9a082b6b5ee8fbeb22755e76eac1075e08e9343cc7994c7c9e1
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48f934d9aa251448bcbd7076964134d6d3ea80d780a5584285787abad709a8e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb0a8172346373e34c8af7894dbddcc9e71cb582d12637550b408e5ed4402f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526cff41f4e9a8c57d51f4d15d2410427110922a2a68eb548f40cd1092d3ae6d
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
571768a589db77a865fa04ab853fd707fb5e6ae4af0bcc00df81bd2d77a74d5d
58023857e618007c2eed153d50c90c290e31677b495ab330eb6480f729175557
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ade8e246ec50eb291456738bf069caba9be846a90e67c8a1ac7e081161d52b
65669f38f77e639884db08b1e8af3d6bcb8f255ba5745f3f79084e59aa746d95
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f2460ccc2b83ba8ba3ac78a526fa2ec6eda01e49ef4f9baf7869c259cdbfa61
7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
757acebcc9f6604d518d9ebaaec7d66779a9bfc74fdbcef64ca2faab0a10c1f3
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
77b5b9d505e57d40817f23f22ca56ce98449441d6c804663b084db3afcbf9da1
7c6014d4eb8432bc75fce7072a92ec06c2e1c2d80cf505fc1f7264ad40298723
7c6651af347bc2ed0d00963ffe07aaaab1c64c94ffc886e6d6085aee7d5f9311
7d12a9bf1fe15f8267e78800c4d420cd2012119edce1c7a2734de411fbe4c336
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80886b973cf1c682904eacff70c6c7c353a9d434e5f375dd152b292ddcfb20dc
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8844d346f49ef9e1fe21ea91e55fc68815ca43753d854359b3eb3153d70c6945
8856ce6d11d81f10ca4086ca674a8a6c971c7f9cdad962bb6aba38a69d19f535
8f444a9cddbf215edce48f54d451e877f4fbf677eb2a253d67967b56c62fed35
94ff2fe2ecee03ec36350fc7b4ac00d5008768da42bceb1f475445b246aff1d3
97030e141a7a6d9f6dc7e4aac71cee777505a13f0a2b5a0e7ea1cacb0a0b56d3
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a44772017abf9907134afc6c49188901ff185d507913713fa1cdc72bf09d2aec
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b71ac19b107aff17703a21c210c1376a16cce3ad090ee2700e35b9da829f27fc
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bad552615bf05c0e468563016450b01b7439de8fc6bdb0a018f743b1cc25266a
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c26e075492f2f7d2b21f7e243e86e2c669364cf1c94f24861a0bab532ae99675
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
caff76e501851169fc9296295fb203cefa5a6dfd00131a26701f8654305e6809
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cf870fdd887a3162665ca7a09e10ae3f7319cd56fd055b27cbf2454884e2d3a1
d06d2bc8ed3dbf226ada0c061c7621f10d3b0bd1a5699cc6fbf09d671dc571c8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9b36c8a5b4154697f9046312f1a04443d48cd07b5de626b5c5a12e23ceedef6
ddf611436bfb3988f40db1ed9a1621b50b89f27b7275b9aa88e895f6a9c02495
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a8ec58514255aedae877395b5a33ecf0576eb368690b64802b1d4718627ad
e7debf4adc50442cc27c775791a12a0d0866c7ebaf185823651f18232275ae95
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e97894c283fe8bab75b45ae7330d499e07ad41edbc7bec6cc50b4a78c4f79a28
eaa6a3aca42fc25f7f1b0f6157ca7fe231d3e52bfabcf4f794bdaffd53279215
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9ec828fb5f2a5fa9ca80b1fa951aa451c75bb312b20ba830b369ae4c4ab27e6
fa19cceed9f19143cd2851faf4bf98c33286d3b60b0682605cf6410aaa549249
fe14ef22a79018581243fb7d5e3a5a1c3b56cfc88717648efb1064a598cce7cc
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.file-upload.in Open in urlscan Pro 2606:4700:3036::ac43:b1f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

268 Requests

94 %HTTPS

68 %IPv6

27 Domains

39 Subdomains

38 IPs

6 Countries

3663 kBTransfer

9083 kBSize

26 Cookies

32 Outgoing links

Page URL History

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

94 %
HTTPS

68 %
IPv6

27
Domains

39
Subdomains

38
IPs

6
Countries

3663 kB
Transfer

9083 kB
Size

26
Cookies

268 HTTP transactions
9 data transactions