www.dll-files.com Open in urlscan Pro
89.187.169.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dll-files.com/
Effective URL:
https://www.dll-files.com/
Submission: On October 06 via manual (October 6th 2021, 5:40:24 pm UTC) — Scanned from DE

Summary HTTP 174 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 36 domains to perform 174 HTTP transactions. The main IP is 89.187.169.47, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.dll-files.com.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.

This is the only time www.dll-files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	79.99.3.27 79.99.3.27	42708 (PORTLANE ...) (PORTLANE www.portlane.com)
6	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.29.122 13.32.29.122	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
4	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
4	52.58.119.106 52.58.119.106	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.85 13.35.253.85	16509 (AMAZON-02) (AMAZON-02)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
13	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
2	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
1 3	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
4 9	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 3	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
10	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
20	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4		() ()
24	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	184.30.24.198 184.30.24.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2 2	3.123.163.175 3.123.163.175	16509 (AMAZON-02) (AMAZON-02)
3 3	3.127.179.79 3.127.179.79	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.35.107 52.17.35.107	16509 (AMAZON-02) (AMAZON-02)
6 6	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
5 6	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
174	43

1 79.99.3.27 (Sweden) 1 redirects

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: flit.tilf.se

dll-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

www.dll-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.29.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-122.fra56.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.119.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-119-106.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-85.fra6.r.cloudfront.net

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.20.35 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.228 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.178 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

monetizemore-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 (None, )

ASN- ()

uuid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.163.175 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-163-175.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.179.79 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-179-79.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.35.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-35-107.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.49.238.187 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.134 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.246 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	220 KB
26	doubleclick.net 5 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	246 KB
24	google.com 4 redirects fundingchoicesmessages.google.com www.google.com adservice.google.com	82 KB
20	yahoo.com c2shb.ssp.yahoo.com	9 KB
12	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com image4.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	28 KB
10	openx.net monetizemore-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
9	gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com www.gstatic.com	181 KB
7	dll-files.com 1 redirects dll-files.com www.dll-files.com	221 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	bidr.io 6 redirects match.prod.bidr.io	3 KB
5	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	5 KB
5	googletagservices.com www.googletagservices.com	174 KB
4	function sub() { [native code] }.	362 KB
4	pubguru.net a3.pubguru.net	1 KB
4	google-analytics.com www.google-analytics.com	39 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	95 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	facebook.com 1 redirects www.facebook.com	453 B
2	onaudience.com 2 redirects pixel.onaudience.com	716 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	2mdn.net s0.2mdn.net	126 KB
2	facebook.net connect.facebook.net	77 KB
2	m2.ai m2d.m2.ai	168 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	72 KB
1	simpli.fi um.simpli.fi	610 B
1	bluekai.com tags.bluekai.com	304 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	757 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	lijit.com ap.lijit.com	650 B
1	pubguru.com cdn.pubguru.com	4 KB
174	36

	Domain	Requested by
24	tpc.googlesyndication.com	uuid tpc.googlesyndication.com securepubads.g.doubleclick.net
20	c2shb.ssp.yahoo.com	m2d.m2.ai
13	fundingchoicesmessages.google.com	cdn.pubguru.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net uuid
9	www.google.com	4 redirects www.dll-files.com uuid tpc.googlesyndication.com
8	googleads.g.doubleclick.net	uuid
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	cm.g.doubleclick.net	5 redirects eu-u.openx.net
6	match.prod.bidr.io	6 redirects
6	www.dll-files.com	www.dll-files.com
5	eu-u.openx.net	m2d.m2.ai eu-u.openx.net
5	www.googletagservices.com	m2d.m2.ai uuid
4	image2.pubmatic.com	1 redirects ads.pubmatic.com
4	us-u.openx.net	eu-u.openx.net
4	uuid	securepubads.g.doubleclick.net
4	a3.pubguru.net	m2d.m2.ai
4	www.google-analytics.com	www.dll-files.com www.google-analytics.com uuid
3	match.adsrvr.org	2 redirects eu-u.openx.net
3	x.bidswitch.net	3 redirects
3	www.gstatic.com	uuid
3	ib.adnxs.com	1 redirects m2d.m2.ai
3	www.facebook.com	1 redirects www.dll-files.com connect.facebook.net
3	fonts.gstatic.com	www.dll-files.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	pixel.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	r.scoota.co	2 redirects
2	pm.w55c.net	2 redirects
2	ads.pubmatic.com	m2d.m2.ai ads.pubmatic.com
2	fonts.googleapis.com	uuid
2	s0.2mdn.net	tpc.googlesyndication.com
2	encrypted-tbn2.gstatic.com	uuid
2	adservice.google.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	www.dll-files.com connect.facebook.net
2	ajax.googleapis.com	www.dll-files.com
2	m2d.m2.ai	www.dll-files.com
2	maxcdn.bootstrapcdn.com	www.dll-files.com maxcdn.bootstrapcdn.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	tags.bluekai.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	secure.adnxs.com	acdn.adnxs.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	acdn.adnxs.com	m2d.m2.ai
1	encrypted-tbn3.gstatic.com	uuid
1	www.googletagmanager.com	m2d.m2.ai
1	hbopenbid.pubmatic.com	m2d.m2.ai
1	monetizemore-d.openx.net	m2d.m2.ai
1	ap.lijit.com	m2d.m2.ai
1	cdn.pubguru.com	m2d.m2.ai
1	dll-files.com	1 redirects
174	57

This site contains links to these domains. Also see Links.

Domain
pt.dll-files.com
de.dll-files.com
cn.dll-files.com
fr.dll-files.com
es.dll-files.com
jp.dll-files.com
ko.dll-files.com
ru.dll-files.com
tr.dll-files.com
forum.dll-files.com

Subject Issuer	Validity	Valid
www.dll-files.com R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.m2.ai Amazon	`2021-01-14` - `2022-02-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.pubguru.net Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-17` - `2021-10-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-30` - `2022-02-23`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh

This page contains 20 frames:

Primary Page: https://www.dll-files.com/
Frame ID: 17268E15D7C2941A1CFAF96741EC3120
Requests: 87 HTTP requests in this frame

Frame: urn://uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c
Frame ID: D2487FB093E5BCF9EE88EA06154F478B
Requests: 14 HTTP requests in this frame

Frame: urn://uuid:80332d7a-366c-3264-2b13-3264366c8033
Frame ID: 1685C1E6BFF82165F010E60BF74B5AA7
Requests: 9 HTTP requests in this frame

Frame: urn://uuid:266a622a-cc50-bc84-6a73-bc84cc50266a
Frame ID: 797B94413A71656193452E8506771F6E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html
Frame ID: 96299DADE0D60DBC8DDA08B3855D7211
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html
Frame ID: 458B6CC4005B60A39A83BCD02C0CC6F0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D81BC0AF978DA4F5DD5DB262A117BA27
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CC11D2E78BE85AB0389DE7E21DA25BCD
Requests: 2 HTTP requests in this frame

Frame: urn://uuid:45b39f5c-4688-4de3-90e3-4de3468845b3
Frame ID: C4CB88464C30710D7A875684C253E0C5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EBB203186C8F88582A792585AC62FFA5
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9BF135D3713930FC3CFF01980479904A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3BB57F6BAFDDD899CF4C3583B65629AE
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df572d0644c0af%2526domain%253Dwww.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.dll-files.com%25252Ff338a820d962528%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
Frame ID: 4A9AFE34D0621C888B718FE053AABF4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CF4C41DBE0233A32E4BFD2A204974396
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32A4070DA3CD980947C3D2E6799CD218
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7ACEB9A9F7E082223E0F3EA209A75CE8
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3CCB0AC1A21AECD59C510FE601A4CFF3
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Frame ID: F240EC6EF7B3BE5EF48D712F75212964
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A
Frame ID: CB866CEA76BDA6556F9AD1C2205234E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646
Frame ID: ED3021D715AC1469307A3E9A54376B2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download missing DLL files for free | DLL‑files.com

Page URL History Show full URLs

http://dll-files.com/ HTTP 301
https://www.dll-files.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

174
Requests

95 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

43
IPs

10
Countries

2156 kB
Transfer

4806 kB
Size

62
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://pt.dll-files.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://de.dll-files.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://cn.dll-files.com/
Title: 中文 (zhōngwén)

Search URL Search Domain Scan URL

URL: https://fr.dll-files.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://es.dll-files.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://jp.dll-files.com/
Title: 日本語 (にほんご)

Search URL Search Domain Scan URL

URL: https://ko.dll-files.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://ru.dll-files.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://tr.dll-files.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://forum.dll-files.com/
Title: Forum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dll-files.com/ HTTP 301
https://www.dll-files.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 139

https://www.facebook.com/v2.8/plugins/page.php?app_id=153851522244&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df572d0644c0af%26domain%3Dwww.dll-files.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dll-files.com%252Ff338a820d962528%26relation%3Dparent.parent&container_width=342&href=https%3A%2F%2Fwww.facebook.com%2Fdllfiles%2F&locale=en_US&sdk=joey&width=500px HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df572d0644c0af%2526domain%253Dwww.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.dll-files.com%25252Ff338a820d962528%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px

Request Chain 153

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mrgadche1MyaTY5

Request Chain 154

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4845e069-d95b-4d17-8d04-6093d29a630c&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=a4d9a480-ab2e-493e-860b-1b368731e22b

Request Chain 155

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5420305474117021725

Request Chain 156

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIN0JrN0N1NzhBQUdUbnY0R0pSdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH7Bk7Cu78AAGTnv4GJRw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH7Bk7Cu78AAGTnv4GJRw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAH7Bk7Cu78AAGTnv4GJRw&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH7Bk7Cu78AAGTnv4GJRw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7308167650753553639 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAH7Bk7Cu78AAGTnv4GJRw

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fc39615d-df86-4100-b39f-b60a65f3257f

Request Chain 158

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-14kVakJKQfgWShSq1c8UvtZIgPgWyFXq1osWiBm

Request Chain 159

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1409347104815136839

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMEPcoGiMLlcw03uI9AQmD8&google_cver=1

Request Chain 165

https://c1.adform.net/serving/cookie/match?party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A

Request Chain 166

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Aj0ZVqXTy2qrx1H1SFROg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 168

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fc39615d-df86-4100-b39f-b60a65f3257f

Request Chain 169

https://pixel.onaudience.com/?partner=214&mapped=FC08F465-5A97-4F2D-AAAF-1D47D521513A HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=4468b46079474431

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkMwOEY0NjUtNUE5Ny00RjJELUFBQUYtMUQ0N0Q1MjE1MTNB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELMlnpIVrgUvxpZaEPWu_U8&google_cver=1

Request Chain 173

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=beb906f4-fdcb-4183-b083-e8fccea83e74

Request Chain 174

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8503030297081741309

174 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dll-files.com/
Redirect Chain

http://dll-files.com/
https://www.dll-files.com/

15 KB
4 KB

48ms
6ms

Document
text/html

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 7f2cb26c510ccb3f3c70d338c2ab24ba3f3f1c8d6888425e6a7b09060ba2a423

Request headers

:method: GET
:authority: www.dll-files.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-DE1-756
cdn-pullzone: 91877
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cdn-requestcountrycode: US
cache-control: public, max-age=604800
cdn-proxyver: 1.0
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/01/2021 11:33:03
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: cf609d9fa1c3525a7d0c7435c5aeb318
cdn-cache: HIT
content-encoding: br

Redirect headers

Date: Wed, 06 Oct 2021 17:40:18 GMT
Server: Apache
Location: https://www.dll-files.com/
Cache-Control: max-age=10
Expires: Wed, 06 Oct 2021 17:40:28 GMT
Content-Length: 297
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 50ms
34ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 2042439
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5be60cad80d1eecc9ac7a67f88ee3f89
cf-ray: 69a0ac8fce2c3240-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 build-202004271004.css
www.dll-files.com/assets/build/css/ 392 KB
123 KB 31ms
30ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dll-files.com/assets/build/css/build-202004271004.css
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 8a4d0cf7b4b7d0c66f12c688b7a36189b43579094b1e95b603b16cca9dc6d3ad

Request headers

:path: /assets/build/css/build-202004271004.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dll-files.com
referer: https://www.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 08/27/2021 11:22:13
cdn-pullzone: 91877
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Fri, 03 Sep 2021 09:22:12 GMT
last-modified: Mon, 27 Apr 2020 10:08:29 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cdn-requestid: e2f24bfe4d59601f227f83152e885ef9
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pghb.dll-files.js Show response
m2d.m2.ai/ 610 KB
168 KB 37ms
11ms Script
application/javascript 13.32.29.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pghb.dll-files.js
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d69d2e898ca79f657bfc06ad0106b96a849e3a3899301964f3de6241f83fd60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:35:48 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 16:06:31 GMT
server: AmazonS3
age: 271
etag: W/"8611e34cbcb8bffc28608b59764ead22"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: C4EzaOKspyMH4Ep0EApsC-uNxjwImn5KnfdmxsIjE5K-2jfL1Ct8yA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 30ms
8ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 09:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 01 Oct 2022 09:22:48 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 37ms
15ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 16:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 06 Oct 2022 16:50:35 GMT

GET
H2 200 autotrack.js Show response
www.dll-files.com/assets/js/vendor/ 13 KB
4 KB 112ms
112ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dll-files.com/assets/js/vendor/autotrack.js
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 2f4fe1dc13f9d98546fef63ee21e93ec60031faad7fe301c5fddc3de87efe8d3

Request headers

:path: /assets/js/vendor/autotrack.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dll-files.com
referer: https://www.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 08/27/2021 11:22:14
cdn-pullzone: 91877
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: bbc3ecc3205aeb17a945d87326f72f65
cdn-requestcountrycode: US
cdn-status: 200
expires: Fri, 03 Sep 2021 09:22:14 GMT

GET
H2 200 main.js Show response
www.dll-files.com/assets/js/ 12 KB
3 KB 199ms
199ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dll-files.com/assets/js/main.js
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 705f8cdc15c1fd8b6ad8780a5a4a4db7bb659ac4c1d2f290fb5be77e3859f86b

Request headers

:path: /assets/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dll-files.com
referer: https://www.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 08/27/2021 11:22:14
cdn-pullzone: 91877
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Thu, 06 Feb 2020 10:23:17 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: c2271ff0287d75d4a4fb7f03b871679c
cdn-requestcountrycode: US
cdn-status: 200
expires: Fri, 03 Sep 2021 09:22:14 GMT

GET
H2 403 pg.dll-files.js
m2d.m2.ai/ 0
0 410ms
384ms Script
application/xml 13.32.29.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.dll-files.js
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-122.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 dll-gear-137.png
www.dll-files.com/assets/img/ 6 KB
7 KB 222ms
222ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dll-files.com/assets/img/dll-gear-137.png
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/assets/build/css/build-202004271004.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 75102b36e4a9ed753c8281016c79cf19cbeec12e68cf0d6e06106243b11b1ac5

Request headers

:path: /assets/img/dll-gear-137.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dll-files.com
referer: https://www.dll-files.com/assets/build/css/build-202004271004.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/assets/build/css/build-202004271004.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
cdn-edgestorageid: 756
cdn-cachedat: 08/27/2021 11:22:14
cdn-pullzone: 91877
cdn-requestpullsuccess: True
content-length: 6341
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: b32b9c25a0663ca84fc8cb7c41cc7b57
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
expires: Fri, 03 Sep 2021 09:22:14 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 16 KB
16 KB 31ms
7ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Origin: https://www.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
age: 447725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 01 Oct 2022 13:18:13 GMT

GET
H2 200 hero-3840.jpg
www.dll-files.com/assets/img/ 78 KB
79 KB 298ms
297ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dll-files.com/assets/img/hero-3840.jpg
Requested by: Host: www.dll-files.com
URL: https://www.dll-files.com/assets/build/css/build-202004271004.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 7db0f5798491f765b194138be25843a2c8f20c98de241887c1881ef641901fdc

Request headers

:path: /assets/img/hero-3840.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dll-files.com
referer: https://www.dll-files.com/assets/build/css/build-202004271004.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/assets/build/css/build-202004271004.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
cdn-edgestorageid: 756
cdn-cachedat: 08/27/2021 11:24:42
cdn-pullzone: 91877
cdn-requestpullsuccess: True
content-length: 80192
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: c029193f2df5922e957263c511dd79ad
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
expires: Fri, 03 Sep 2021 09:24:42 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 15 KB
16 KB 32ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Origin: https://www.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 21:00:53 GMT
x-content-type-options: nosniff
age: 247165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 21:00:53 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 26ms
15ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://www.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 14384099
cdn-cachedat: 2021-04-23 06:55:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 39882eb260b788b62d5d6db51ebc7cd7
accept-ranges: bytes
cf-ray: 69a0ac903ef22bb9-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 16 KB
16 KB 26ms
10ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Origin: https://www.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 13:16:54 GMT
x-content-type-options: nosniff
age: 15804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 13:16:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 58ms
16ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5952
date: Wed, 06 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 06 Oct 2021 18:01:06 GMT

GET
H2 200 / Show response
a3.pubguru.net/ 141 B
440 B 32ms
8ms XHR
application/json 52.58.119.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&publisher=1024326

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-119-106.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

086f69ee447cdda1541ce14093532f2b7cd048686a7aeadd2861111f56ca2b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://www.dll-files.com
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 0
vary: Origin
content-length: 141
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
354 B 27ms
9ms XHR
text/plain 52.58.119.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-119-106.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://www.dll-files.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 0
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 gfc.js Show response
cdn.pubguru.com/ 8 KB
4 KB 46ms
8ms Script
application/javascript 13.35.253.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/gfc.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-85.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 1zDVHlGcx640ZLzoe7igwdx1_E7DY9Fe
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 11:40:16 GMT
server: AmazonS3
age: 84611
etag: W/"c1441c4083795f70984ad8988cab61ba"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
date: Tue, 05 Oct 2021 18:10:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cvNCD7gJ2aZPbNu8d5yXIIVKjEidRoH6BcFus_Ps8b7GJeD0iIsQAg==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

1ccd215d2b6eb3f861b1db578359c159b7dcf9cdbf2b8144bb2b5535ace3b3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FvgJI+UyENpavpFnkG1hAg==
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Oct 2021 17:40:43 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: bJ5H+rbsaaHWjqE50WyMWAAyy6UcRQvR/FJEGxOaiumMcYiAI8VZMIXr3qOFLkOEZ2sYL6yKOVabKB02Jfz+Kw==
x-fb-trip-id: 686109401
x-fb-content-md5: 88d1469611a8679b4d4db4c2cbdac9ac
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 06 Oct 2021 17:40:18 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e0b10578ebbdba5507c5d5b9b855d3a3"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
17ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=126551461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dll-files.com%2F&ul=en-us&de=UTF-8&dt=Download%20missing%20DLL%20files%20for%20free%20%7C%20DLL%E2%80%91files.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAEADAAAAAC~&jid=576228060&gjid=532903540&cid=269496191.1633542019&tid=UA-190292-2&_gid=1161073315.1633542019&_r=1&_slc=1&cd1=d-0&did=i5iSjo&z=762599759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 263 KB
74 KB 23ms
15ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6dcc32a8108111b2be7867c19f55a34e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

893dd9401f9f42ae2ade04fc915c4ce3bc11e3c15aa871b1416660e8c00ab81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dll-files.com/
Origin: https://www.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z59uzNn4swe67zaNXGY9sQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 06 Oct 2022 15:24:43 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75860
x-fb-rlafr: 0
x-fb-debug: MN5i3Ccom7ecPhBY0aETsze20i+AVpYU17xbKMQtc10s7v2uN7NM7dQefWNrA9YQr6LMpHAvl3xyfLDmaiyxbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 361a37ad6305bdcdc0c4cc5cb6470ef2
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Oct 2021 17:40:18 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f108b732adb8296087700656b85118e2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 AGSKWxXXKqatgGDojpzA_h1cE74BQIPc51uSs-Rf5M-7xDOQoiSx9SVjtwqD_HzGgZBGQpplqBgV2yqjDH2p3LbOJq8= Show response
fundingchoicesmessages.google.com/f/ 70 KB
26 KB 89ms
47ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXKqatgGDojpzA_h1cE74BQIPc51uSs-Rf5M-7xDOQoiSx9SVjtwqD_HzGgZBGQpplqBgV2yqjDH2p3LbOJq8=

Requested by

Host: cdn.pubguru.com
URL: https://cdn.pubguru.com/gfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

9f59dd3a4239ffdda1b6262e8938b9782e97eda6287c44425388070345153063

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sGyncVmrAAcCE71/xakZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-sGyncVmrAAcCE71/xakZEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-sGyncVmrAAcCE71/xakZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-sGyncVmrAAcCE71/xakZEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
463 B 45ms
15ms XHR
text/plain 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-190292-2&cid=269496191.1633542019&jid=576228060&gjid=532903540&_gid=1161073315.1633542019&_u=YGBAAEACAAAAAC~&z=2120839559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Oct 2021 17:40:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 22ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153851522244&ev=fb_page_view&dl=https%3A%2F%2Fwww.dll-files.com%2F&rl=&if=false&ts=1633542018796&sw=1600&sh=1200&at=

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 06 Oct 2021 17:40:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 54ms
31ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-190292-2&cid=269496191.1633542019&jid=576228060&_u=YGBAAEACAAAAAC~&z=1226927953

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUAi6yUKpzeLoNsufNtikfy67aOACRfsy_hC3oxHTsOb7EO1-p0uUsaMoCOmgSBbLEULRz6LL0p3EX7xdA3n7M= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 60ms
32ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUAi6yUKpzeLoNsufNtikfy67aOACRfsy_hC3oxHTsOb7EO1-p0uUsaMoCOmgSBbLEULRz6LL0p3EX7xdA3n7M=?pvid=6600E605-0A7E-46B7-90D1-33FEA8666B3D&anonid=96EC0AD5-8F31-4D69-A525-738BE13D990D

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.78HJpQq6Yao.es5.O/d=1/rs=AJlcJMwE5_WLRIbXViLFiLB5qBj8pkm9lw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RBFsqFobmyKo4fV5Ldcx1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RBFsqFobmyKo4fV5Ldcx1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-RBFsqFobmyKo4fV5Ldcx1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RBFsqFobmyKo4fV5Ldcx1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVOfUo-v9QySFnOTW4xzxizDfeiaeyKxwKTcQ7Z84gQ4Dm0pNIQxZa_6kDBs-KXmnqNG8dovHxF5D_IiZu30RY= Show response
fundingchoicesmessages.google.com/f/ 43 KB
16 KB 60ms
45ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOfUo-v9QySFnOTW4xzxizDfeiaeyKxwKTcQ7Z84gQ4Dm0pNIQxZa_6kDBs-KXmnqNG8dovHxF5D_IiZu30RY=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzNTQyMDE4LDkwMTAwMDAwMF0sIjY2MDBFNjA1LTBBN0UtNDZCNy05MEQxLTMzRkVBODY2NkIzRCIsIjk2RUMwQUQ1LThGMzEtNEQ2OS1BNTI1LTczOEJFMTNEOTkwRCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3LmRsbC1maWxlcy5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.78HJpQq6Yao.es5.O/d=1/rs=AJlcJMwE5_WLRIbXViLFiLB5qBj8pkm9lw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

f7e6240da6524a9743b001515b5a46f8908aa7026b72d271277c797f00128a72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbuoXzg3w7BYpyCcpHaASQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tbuoXzg3w7BYpyCcpHaASQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-tbuoXzg3w7BYpyCcpHaASQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tbuoXzg3w7BYpyCcpHaASQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stream
a3.pubguru.net/ 0
0 23ms
8ms Ping
text/plain 52.58.119.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-119-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dll-files.com
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
26 KB 41ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

01982439b9d0791cc7527b2d5f28f38f3378011368f4c69c6f561469f0194b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1007 / 39 of 1000 / last-modified: 1633518631"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25844
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Oct 2021 17:40:18 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 195ms
165ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7aac921465d72472ceb648adc85f8f62c19336dbd00da6afb6b577a8e4c00165

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.114.169; 216.131.114.169; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: db06baf2-fb61-410c-baa9-a0ecae67d982
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
650 B 68ms
22ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.3.0
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 65feaf79fcc97ce0cc60d36b87007c593c9e84190482b9ea83f93e04de20487a

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:18 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

GET
H2 200 arj Show response
monetizemore-d.openx.net/w/1.0/ 173 B
561 B 48ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monetizemore-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dll-files.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=70d49113-4ab5-40f1-a631-e0533346e251%2C70d49113-4ab5-40f1-a631-e0533346e251%2C79f85f1a-c8a2-4d33-91c1-10f01cee1454%2Ca69fc2ab-d1c9-4caf-8474-b135d7032af8%2Ca69fc2ab-d1c9-4caf-8474-b135d7032af8%2Ced73e375-237b-40aa-8c89-1e89f658272b%2Ced73e375-237b-40aa-8c89-1e89f658272b%2Cb24ae7ff-11bc-48c3-b1ec-c15cf63ff059%2Cb24ae7ff-11bc-48c3-b1ec-c15cf63ff059%2C090ecb4f-809a-4c4f-bcfd-b58d8120779a%2C090ecb4f-809a-4c4f-bcfd-b58d8120779a%2Ca4517160-ce5b-443f-8360-0fcac189f6fd%2Ca4517160-ce5b-443f-8360-0fcac189f6fd%2Cd126e87e-e132-41ce-8a50-fb38dc9dfecb%2C9d58b802-0f7e-4a58-8473-4a01d028bea4%2C9d58b802-0f7e-4a58-8473-4a01d028bea4%2C9e3e73c9-b891-4c84-8859-88f6fdfc3619%2Cf283947c-3840-4d56-9e54-1ed0a68b5a99%2Cf283947c-3840-4d56-9e54-1ed0a68b5a99&nocache=1633542018942&pubcid=b9252c58-c1c9-4e61-8def-2caba6f96daa&aus=300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C250x250%2C300x250%2C300x600%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C120x600%2C160x600%2C300x600%2C300x1050%7C728x90%2C970x90%2C970x250%2C970x415%7C728x90%2C970x90%2C970x250%2C970x415%7C250x250%2C300x250%2C336x280%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120&divIds=%252F1024326%252Fdll_bottom_banner%2C%252F1024326%252Fdll_bottom_banner%2C%252F1024326%252Fdll_file_page_in_text%2C%252F1024326%252Fdll_full_width_in_content%2C%252F1024326%252Fdll_full_width_in_content%2C%252F1024326%252Fdll_full_width_in_content_2%2C%252F1024326%252Fdll_full_width_in_content_2%2C%252F1024326%252Fdll_full_width_in_content_3%2C%252F1024326%252Fdll_full_width_in_content_3%2C%252F1024326%252Fdll_full_width_in_content_4%2C%252F1024326%252Fdll_full_width_in_content_4%2C%252F1024326%252Fdll_full_width_in_content_5%2C%252F1024326%252Fdll_full_width_in_content_5%2C%252F1024326%252Fdll_post_download_side%2C%252F1024326%252Fdll_post_download_top%2C%252F1024326%252Fdll_post_download_top%2C%252F1024326%252Fdll_post_download_top_box%2C%252F1024326%252Fdll_top_banner%2C%252F1024326%252Fdll_top_banner&auid=541080632%2C541080633%2C541080673%2C541080677%2C541080678%2C541080687%2C541080690%2C541080699%2C541080700%2C541080703%2C541080704%2C541080705%2C541080706%2C541080710%2C541080723%2C541080726%2C541080755%2C541080759%2C541080761&
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: e6394287c507fab047be9462ff52b0206943fb0e6f99ee08adc0357f9f0ad468

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: gzip
server: OXGW/16.216.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.dll-files.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 125ms
89ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149ad5bab01b1&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: e09c1593c75a65ba3cf9602fcbdcb515339d4a9cf006e988dad52648216b531e

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 87ms
51ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a49aff0a901b1&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: e588395f82b044556b17b4be4967a62954dd564fa0c0b5ab6c83253e37dde093

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 89ms
53ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049b285130186&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 285fe0dc67fac6b8a1401938007ccbdc445649335ef30a844361270fd2142353

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 127ms
92ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049b3fc1a0188&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: df6102020e3cbdd9ca59c76bbc9bf69f45190bb33307478fd7393b94fbfcd348

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 114ms
79ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149b4e06c01b4&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2b64412232b14210c87e90d889dc51ec97300bbc65b7fff346e858c6e2e8dc41

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 240ms
205ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149bc1b1501b5&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: da32d12363d98b8d4577418ebb25e4d19901cabcf9d8853741de5db424c7d867

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 178ms
91ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a49be088a01b3&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 50e719d4da0f57b8603cd602fdab265869991986361b937ec07419f801e1ffb8

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 174ms
85ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049c1e655018b&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2bec5c292e947914a35499fb2c29368226f0b0c7690ef0bf3852e53c44dfb00a

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 172ms
58ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149c5924501b8&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2d2eaf65bdbab7dd46d7400f85d319363d54ab8f7e7930e707976eb04a0a8992

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 202ms
78ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a065f6a0224&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 8ad2460515e6ebbd66837191126b6e1f5ceddbcd16d5cb2bd77760fba0717a43

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 175ms
49ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a06cf2c0225&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2b20751583209d9ac68dfbf6deee8f0a0867f343f0c5c77f43ec9068f42634b9

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 239ms
67ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a071ef60226&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 579e5aa833317945ba16620d8335342f706c4cc0fb0c2969096bcba3231284f6

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 224ms
51ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a076e620227&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: c5a10830c7e4be7f8e95525e54b60bd978a2fdd1d450dae2b2d1c0c8142d6300

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 251ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a07c14401f5&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 3544434c00ba11fff534442fd3d8940b3b8be9f79fbf0b5724456004037fdc2b

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 274ms
97ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca014a0819820206&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: bb3c471d4de9c03c4a780f7ce2448a4c7058f3dcee839060458dad21a08e119a

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 265ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a0886230228&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 4da2dda51c28bbb24fd30340933a5797bceb3f20c7446e68552ea589aa15626a

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 386ms
162ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a0989c801f7&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 08e5b313cb5fbd56cae0b7854a87598a8cf58bade099ff00f9f49c4fd0487352

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 313ms
75ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a0a753401f9&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: a05e663f1e7d4112b967493a795c25c4f1f029adc46d370e9774bd9990ab351a

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 302ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a0ae710022d&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 889c4a291dd953f95ce70c88578e39aef4994ca21cfdb44c88c07137766aff08

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
477 B 341ms
90ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c690530fa74b0401&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: cdd64aec6602e6d145259410417777dc04244cc23d1154b6e0a910ba9edc73f4

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:19 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 100ms
56ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dll-files.com
date: Wed, 06 Oct 2021 17:40:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 52ms
22ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3a67fb84372f660ad0114c2e869e5e6165eca04367883b74af8925c74ab2f25e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 17:40:18 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.114.169; 216.131.114.169; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 259ab16e-2216-4659-8db3-28a73683be3e
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dll-files.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 49ms
26ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-190292-2

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2b3b64a5bfa0a16c963a014fe89bd11b8cd8ae49ee3b93c8598b708e028348ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39157
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 17:20:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Oct 2021 17:40:18 GMT

POST
H3 204 AGSKWxWvdhKoKXcIHhC6_W1SuQM2jHeu0SoP55rVxQJvcFSFLoR93WpVoOhBshA8SQYqWVohJA5hUceTgmpltu5Rf7cBCMm2mtOjpZxautbt0dP1EhLwAZjlfmLn4ply9TI90z_bbIr8_KS7MKdXwpfHE-DGw5e1BKbXGH0-cGT1FOIW2K3_w0nOixp4TuXK Show response
fundingchoicesmessages.google.com/el/ 0
27 B 29ms
28ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvdhKoKXcIHhC6_W1SuQM2jHeu0SoP55rVxQJvcFSFLoR93WpVoOhBshA8SQYqWVohJA5hUceTgmpltu5Rf7cBCMm2mtOjpZxautbt0dP1EhLwAZjlfmLn4ply9TI90z_bbIr8_KS7MKdXwpfHE-DGw5e1BKbXGH0-cGT1FOIW2K3_w0nOixp4TuXK?dmid=78bac53933b77b61

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.9vNdg7_tINg.es5.O/d=1/rs=AJlcJMxOaYgC5-UN7VYuIjFCsmLqkVgmmw/m=iabtcfv2signalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1l1NxKllEI+5RXjwkZIOzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1l1NxKllEI+5RXjwkZIOzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:18 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1l1NxKllEI+5RXjwkZIOzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1l1NxKllEI+5RXjwkZIOzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVxKtLOdhE9hKx_K7i88ozTc7yZuMWfoVcLvkUyekt_SuO0-u7pOVwDI4XRnZy_Idj-9VwUj7uISrYDBunO3XrutFYvi68rH5zG0nq3-AfAan2lTBFIbvlUwBobUQMhI-7pqd6mWXFeVIw8H7ecS-oMAYjmK5eDuYCn-j0SVGaqZrjA-dxHmjmnfyxK Show response
fundingchoicesmessages.google.com/f/ 60 KB
22 KB 46ms
46ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxKtLOdhE9hKx_K7i88ozTc7yZuMWfoVcLvkUyekt_SuO0-u7pOVwDI4XRnZy_Idj-9VwUj7uISrYDBunO3XrutFYvi68rH5zG0nq3-AfAan2lTBFIbvlUwBobUQMhI-7pqd6mWXFeVIw8H7ecS-oMAYjmK5eDuYCn-j0SVGaqZrjA-dxHmjmnfyxK?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzNTQyMDE4LDk4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsbnVsbCwwXSwiaHR0cHM6Ly93d3cuZGxsLWZpbGVzLmNvbS8iXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

d15980f836ad199e34a300666fcbaf81397e830114cdd8d6b3a18e5b2b3360f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OLLvuLiUlCOpZ8svf6qHlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OLLvuLiUlCOpZ8svf6qHlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-OLLvuLiUlCOpZ8svf6qHlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OLLvuLiUlCOpZ8svf6qHlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021092301.js Show response
securepubads.g.doubleclick.net/gpt/ 338 KB
119 KB 68ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121150
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 91 B
744 B 56ms
21ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dll-files.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6d21727a5c91f29a56caf3c09adb9fd8219623ff64ba94b745c67eea4a324a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Wed, 06 Oct 2021 17:40:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=126551461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dll-files.com%2F&ul=en-us&de=UTF-8&dt=Download%20missing%20DLL%20files%20for%20free%20%7C%20DLL%E2%80%91files.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADAAAAAC~&jid=1100397094&gjid=692200337&cid=269496191.1633542019&tid=UA-190292-2&_gid=1161073315.1633542019&_r=1&gtm=2oua40&did=i5iSjo&z=1060380870

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 42ms
21ms XHR
text/plain 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-190292-2&cid=269496191.1633542019&jid=1100397094&gjid=692200337&_gid=1161073315.1633542019&_u=aGDAAUADAAAAAC~&z=393686271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Oct 2021 17:40:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 67ms
37ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-190292-2&cid=269496191.1633542019&jid=1100397094&_u=aGDAAUADAAAAAC~&z=1401090011

Requested by

Host: www.dll-files.com
URL: https://www.dll-files.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 59ms
23ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dll-files.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
28 KB 701ms
687ms Other
application/webbundle 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3824815636682496&correlator=2266944161067070&output=wbn&wbsu=bb2aa9c2-2814-4848-baa5-44892ec1cbc4&callback=googletag.wbn1&impl=fif&eid=31060545%2C31062463%2C31062324%2C21065725%2C31062948&vrg=2021092301&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211006&iu_parts=1024326%2Cpg_interstitial_dll-files.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=m2_canonical%3D47d070b119d57db39bb696b5d51bda06%26m2_canonical_session%3D47d070b119d57db39bb696b5d51bda06%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633542019&dt=1633542019146&dlt=1633542018459&idt=658&frm=20&biw=1600&bih=1200&oid=2&adks=1351765745&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=269496191.1633542019&ga_sid=1633542019&ga_hid=126551461&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28693
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:bb2aa9c2-2814-4848-baa5-44892ec1cbc4 Show response
/ 1023 B
1 KB 708ms
708ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:bb2aa9c2-2814-4848-baa5-44892ec1cbc4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

d3e0afbdee3d44e9b1c37bde7025eb048ecce864b2c351cb4fed2507abc84187

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 pubads_impl_page_level_ads_2021092301.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 33ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021092301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

3d265464ffea3c44cb0dd5d5c38da3019243e847b99c7f5c51aa1a5904f21d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dll-files.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
21 KB 365ms
364ms Other
application/webbundle 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3824815636682496&correlator=69417036070159&output=wbn&wbsu=4ad57263-407d-4a93-918f-140196609825&callback=googletag.wbn2&impl=fif&eid=31060545%2C31062463%2C31062324%2C21065725%2C31062948&vrg=2021092301&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211006&iu_parts=1024326%2Cdll_bottom_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C468x60%7C728x90%7C970x90%7C970x250%7C980x120&prev_scp=m2_pageview%3D5994-210610-425%25401%26m2_session%3D5994-210610-425%25401%26m2_canonical%3D47d070b119d57db39bb696b5d51bda06%26m2_canonical_session%3D47d070b119d57db39bb696b5d51bda06%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633542019&dt=1633542019352&dlt=1633542018459&idt=658&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=995&adks=125749252&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1585&msz=1600x72&ga_vid=269496191.1633542019&ga_sid=1633542019&ga_hid=126551461&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21714
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:4ad57263-407d-4a93-918f-140196609825 Show response
/ 534 B
660 B 367ms
367ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:4ad57263-407d-4a93-918f-140196609825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

e3f998c50a4f2dc7caa91f9864b5ec4e38903c4f52ff15d7719d02b7797c6474

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
31 KB 413ms
413ms Other
application/webbundle 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3824815636682496&correlator=2171214180285233&output=wbn&wbsu=e876d1c8-30d2-479e-b4d9-f0916da40b02&callback=googletag.wbn3&impl=fif&eid=31060545%2C31062463%2C31062324%2C21065725%2C31062948&vrg=2021092301&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211006&iu_parts=1024326%2Cdll_top_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C468x60%7C728x90%7C970x90%7C970x250%7C980x120&prev_scp=m2_canonical%3D47d070b119d57db39bb696b5d51bda06%26m2_canonical_session%3D47d070b119d57db39bb696b5d51bda06%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633542019&dt=1633542019355&dlt=1633542018459&idt=658&frm=20&biw=1600&bih=1200&oid=2&adxs=256&adys=215&adks=4189499360&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1152x422&msz=1089x72&ga_vid=269496191.1633542019&ga_sid=1633542019&ga_hid=126551461&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31264
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:e876d1c8-30d2-479e-b4d9-f0916da40b02 Show response
/ 531 B
657 B 415ms
415ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:e876d1c8-30d2-479e-b4d9-f0916da40b02

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

eb3e501fb76cbd4eb519a2a89061eed4ca27dd3cd6eb96fa86d7fb3d13ad9100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
30 KB 417ms
417ms Other
application/webbundle 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3824815636682496&correlator=3701580210384652&output=wbn&wbsu=b5173aa0-77d9-4e50-bb1a-f53a93d2cf37&callback=googletag.wbn4&impl=fif&eid=31060545%2C31062463%2C31062324%2C21065725%2C31062948&vrg=2021092301&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211006&iu_parts=1024326%2Cdll_anchor_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C1x1&prev_scp=m2_canonical%3D47d070b119d57db39bb696b5d51bda06%26m2_canonical_session%3D47d070b119d57db39bb696b5d51bda06%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633542019&dt=1633542019356&dlt=1633542018459&idt=658&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=2488649843&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1585&msz=728x-1&ga_vid=269496191.1633542019&ga_sid=1633542019&ga_hid=126551461&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31154
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:b5173aa0-77d9-4e50-bb1a-f53a93d2cf37 Show response
/ 534 B
660 B 419ms
419ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:b5173aa0-77d9-4e50-bb1a-f53a93d2cf37

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

87fee6ed34184b18520b2c3e541a99804038d3bb3c3955d88e491927135d5fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adoverlay..dartconfig.js_480x60- Show response
fundingchoicesmessages.google.com/f/AGSKWxW6WtYxZMYyVCv67xHr_RX7lCyY6hG3qWvcF_T5wYG1VNk_n7XOeexvvYsaGu9GrmWu7WeEbeThYpECggVl3zDXYR9yNx40168aCkETT_YS-o5QgC25JaD16lfRWIKK02oOJGV4M2fvPGAFDUhzQVocpG5kk... 54 B
106 B 23ms
23ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW6WtYxZMYyVCv67xHr_RX7lCyY6hG3qWvcF_T5wYG1VNk_n7XOeexvvYsaGu9GrmWu7WeEbeThYpECggVl3zDXYR9yNx40168aCkETT_YS-o5QgC25JaD16lfRWIKK02oOJGV4M2fvPGAFDUhzQVocpG5kkGmA1xh1QHQNli4JhvzsbPIdSSm8gRCO-SZZNb0WcdNGj0vDyMURHcofANJdrxwOj45jaaClFVdtfrsgOtM=/_/ad-layers-/css/ad./adoverlay..dartconfig.js_480x60-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

eeb62172b39717e92dac869e6626d3067008b718bc12a7d741c6bbb00506b197

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/kpWY0rZ6lPIz+BHOzMV9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/kpWY0rZ6lPIz+BHOzMV9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-/kpWY0rZ6lPIz+BHOzMV9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/kpWY0rZ6lPIz+BHOzMV9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 76 KB
28 KB 51ms
14ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

231f99e8070e670f5a82776416027759e250d231b29befc8827f5d53b76780d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28250
x-xss-protection: 0
server: cafe
etag: 3998799479299038256
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 18:29:56 GMT

POST
H3 204 AGSKWxWzJv5hCIpX4XkMEXVwiGCW-w71suRfwcPL0Nc-yrAO8Lq-pXUsJGzwu2AN46CJeZZ3b02zxfYGIEf_mmSzcdgMs18zvp2ZkitWsFmsZuCZ533P3Lwx_BImFIBEiX1R_Y35MvlA6sXLbTvY2SwQL2S6IE7hj0oK-TrjaKE4pAUB3ZdATA_bJh3piBTD Show response
fundingchoicesmessages.google.com/el/ 0
26 B 30ms
29ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWzJv5hCIpX4XkMEXVwiGCW-w71suRfwcPL0Nc-yrAO8Lq-pXUsJGzwu2AN46CJeZZ3b02zxfYGIEf_mmSzcdgMs18zvp2ZkitWsFmsZuCZ533P3Lwx_BImFIBEiX1R_Y35MvlA6sXLbTvY2SwQL2S6IE7hj0oK-TrjaKE4pAUB3ZdATA_bJh3piBTD

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LtHxuJhgx1pYh8GMGDKNvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LtHxuJhgx1pYh8GMGDKNvw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-LtHxuJhgx1pYh8GMGDKNvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LtHxuJhgx1pYh8GMGDKNvw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0z/Oh9v+BO038Mndnqjzog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0z/Oh9v+BO038Mndnqjzog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-0z/Oh9v+BO038Mndnqjzog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0z/Oh9v+BO038Mndnqjzog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c Show response
/ Frame D248 66 KB
66 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

e9ab9f7f26efee8ef848c70217cf34847735d3ff124f7e0d379996f24d0255ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SnQ3X6nJeicna4E+6e/BeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SnQ3X6nJeicna4E+6e/BeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-SnQ3X6nJeicna4E+6e/BeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SnQ3X6nJeicna4E+6e/BeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUnOjzJgkgSE0Hi-Vl7KdXayLDtTYMdjUDujgI2smQPWwk1mMXIwt03xxXFHd-tMunzjyWoZsNbajrdMOYsFM85MjfEYSxcG4qBMdyeaII2GL9bg_rvKJqll9wl3VnkoW0bdqvZCYxZXyNyvC_2QqfcHwTzGmmrTi2KEZWvSfkLLOA_KE62u3kBRM4z Show response
fundingchoicesmessages.google.com/f/ 44 KB
16 KB 42ms
42ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUnOjzJgkgSE0Hi-Vl7KdXayLDtTYMdjUDujgI2smQPWwk1mMXIwt03xxXFHd-tMunzjyWoZsNbajrdMOYsFM85MjfEYSxcG4qBMdyeaII2GL9bg_rvKJqll9wl3VnkoW0bdqvZCYxZXyNyvC_2QqfcHwTzGmmrTi2KEZWvSfkLLOA_KE62u3kBRM4z?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzNTQyMDE5LDc1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLDBdLCJodHRwczovL3d3dy5kbGwtZmlsZXMuY29tLyJd

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

83144cda06b2ec50856eaa3d4a218f28e49fc92d929dfe471548074c1bba6202

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pM4wHt2PPnP5zz4ST5lYdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pM4wHt2PPnP5zz4ST5lYdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-pM4wHt2PPnP5zz4ST5lYdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pM4wHt2PPnP5zz4ST5lYdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.D0SnzadpSa8.es5.O/d=1/rs=AJlcJMypItgwvIG5UKDGKKOLdivJLn0O2A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8DPE9zooZOAT3IhYfw/trQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8DPE9zooZOAT3IhYfw/trQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-8DPE9zooZOAT3IhYfw/trQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8DPE9zooZOAT3IhYfw/trQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D248 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5953
date: Wed, 06 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 06 Oct 2021 18:01:06 GMT

GET
H2 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D248 84 KB
30 KB 30ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 06 Oct 2021 17:54:17 GMT

GET
URN 200
OK uuid:80332d7a-366c-3264-2b13-3264366c8033 Show response
/ Frame 1685 95 KB
95 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

a0659277913d59bd68581637a5aef62bff0c7dc7ca8dd97fa70461d7ea140a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
URN 200
OK uuid:266a622a-cc50-bc84-6a73-bc84cc50266a Show response
/ Frame 797B 94 KB
94 KB 1ms
1ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

afa83db9dd705c009f27f7e95a9fec771890166f73cbeff514ead7d26f88621a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 1685 18 KB
7 KB 27ms
9ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:16:42 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 1685 3 KB
1 KB 33ms
16ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:38:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1685 122 KB
37 KB 82ms
56ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 1685 14 KB
6 KB 28ms
11ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:39:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1685 0
0 21ms
21ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZRUb88rt2W4Zlvv3zKH6ZZWVEmmz7lnX52xhLiHMpNJeRUd_Th2JnWuRkrXIoTVvuO-BtEy_JOuOC_cmG8z1W6oagZA
Requested by: Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame D248 18 KB
7 KB 27ms
13ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:16:42 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame D248 3 KB
1 KB 29ms
16ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:38:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D248 122 KB
37 KB 55ms
32ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame D248 14 KB
6 KB 19ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:39:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D248 0
0 24ms
24ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyxolKMx-ttRrIDmOdPLZlfAXz3Cyku6FOVeZApxmoWWhbn40QOFteh9VJlEOkzGV-CDtr9FE79oGKIQwbD9txKzQ5qg
Requested by: Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D248 42 KB
43 KB 35ms
7ms Image
image/jpeg 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSHKllVDATWXVZq5q7ZsNDiZXkCFxv8hsRDPlIiClKGruEJ-UX_YPVz_Oq5nvE&usqp=CAI

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

2a962ada915b19a2fc687e834d28c7cb0e3a8644f8b37016774e0a722c547e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 11:59:58 GMT
x-content-type-options: nosniff
age: 279621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43184
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:03:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 03 Oct 2022 11:59:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D248 40 KB
40 KB 44ms
16ms Image
image/jpeg 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfulEhE2SvplI0Hc9x3oqBPYHUUHIDBfPukBbL_4h6NFkXUktZWMnotTUfnHc&usqp=CAI

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

b55c7c491e3e1b9ec3642066803df73333b85768bda8e7c275a3d7dd1bdd3342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 11:01:12 GMT
x-content-type-options: nosniff
age: 455947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40713
x-xss-protection: 0
last-modified: Fri, 24 Aug 2018 00:05:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Oct 2022 11:01:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D248 38 KB
38 KB 34ms
6ms Image
image/jpeg 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTNF31fNzF-CoFyxx_4duwil9EcJRq7RUlHgOZ2UJPyYeUV9qqIbCZabDkmDA&usqp=CAI

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

72bda6f4dac651802113769bcd44a46b6246b53cda67497e8d4894aabb7b687c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 17:53:41 GMT
x-content-type-options: nosniff
age: 171998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38524
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 19:03:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Oct 2022 17:53:41 GMT

GET
H3 200 5227548165589014686
tpc.googlesyndication.com/simgad/ Frame D248 14 KB
14 KB 25ms
13ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5227548165589014686

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

b6d5f2db4851a5e21f3ad2443c9c9732aa186f070faed502edeb8e5d6b7930d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 08:23:12 GMT
x-content-type-options: nosniff
age: 206227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14703
x-xss-protection: 0
last-modified: Sat, 09 Sep 2017 14:32:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 08:23:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D248 0
0 52ms
52ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZgezg99dYcqkGISI7gPEsofIBcvXz7NN6KLw-94FiprL39MEEAEgueiOTmDJBqAB2qft5wPIAQmpAryMMNwcXLM-4AIAqAMByAMKqgSEAk_QQtDAHC7D41lpl1Ft1q8GfJ4zfM08URfFDhGp1_1lWnn_mWNEO9P-78BxUp1dPUhylUnU7UMPNFznd6_pOgCkky_3N1WubNhR8bKx_6vgaRQxB-brtOMABMzmbRMzKuHC4WjdtOwcXrWa4UFs9NZ-jyZjVlIu-hu1O3Kj6xKS251qumEc8GSMtwuro7OGSwcodv3y_CXmr1ADQFUnrTnl-ZZ0bcT3Kj3RS7sKbRz9PU_jfWEVk8bOcSYTeMlzacXloEQBxgftK8-DhTMD7CFgbmmFJA1qpQyuJxOOt2-2ep5jMDNv05IIg4m3dCLvdG_PfxdqHtVzZ_xprUTqdTrMUWKRwAS6s4iwbeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeO2JIYqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQjfoH0ggHCIhhEAEYHfIIG2FkeC1zdWJzeW4tMTk2OTczODkwNjE1OTUwM4AKA8gLAdgTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi01Mjc4OTczODg4Nzg2MzM0GJb9Bg&sigh=OSVFVa0LUfM&template_id=311
Requested by: Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/ Frame 9629 36 KB
10 KB 12ms
11ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

966320c020e60a88c6c111766271f91c374405ae567ecda4e139608e6569159f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6364298811678419661/728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 05 Oct 2021 05:27:26 GMT
expires: Wed, 05 Oct 2022 05:27:26 GMT
last-modified: Mon, 21 Jun 2021 17:14:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 10323
age: 130373
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1685 0
0 48ms
48ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoHOpg99dYdbJGOHCx_APlfyUYPWAtc9ly5ePuI8Owcbpj_UIEAEgueiOTmDJBqAB7JON4APIAQngAgCoAwHIAwiqBO0BT9DQb6Vwz2541XUWOqpPpN09B64akE_uN70T_OExZCJpjH_UfHm079MFjnge7lEDnJaE06FCN3ioQ7XOryjR7YGW4vQ-plkLqdWI4XQlvbJu_ofwgiJv3liWP559qPYiYJfnkj5egr2aViK4sJSiUaf05aATv64WGzaI8UOjrXRtlb05pISrtjfsk9Z6kTWYH1k7PTqlYK8iPWFhtIFc1dv5O2aKkEBODD2kEN0yRKLmo9hOAx36cpl6xtQL3BlptEhKahWk7vv_ISpLg6TDIRXFecfNxKxpKf9p75yh88BUm08QCX2UQgiN10CVwATUmrewkAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_OvyH6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ3bIZ0ggHCIhhEAEYHfIIG2FkeC1zdWJzeW4tMTk2OTczODkwNjE1OTUwM4AKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01Mjc4OTczODg4Nzg2MzM0GJb9Bg&sigh=PgpnYgawzzg&template_id=419
Requested by: Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H3 204 AGSKWxWOv_Ai5VhXHWsMef7VC8EPq13AagVronnqJRFuPP1e2B9Ki0RgJKTsFFdN2bhx13wss2FKUICcFXuHEhgWGCwSCG__V7NjxGVpvpCRZxN8afNYzqmlT5W3A2jz1oxsqeGPJtqyBcrKeMWPkEVvcFFTLkNSfg8k9aJE6atzofe9EyzM42VR9sumvmZJ Show response
fundingchoicesmessages.google.com/el/ 0
26 B 29ms
29ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOv_Ai5VhXHWsMef7VC8EPq13AagVronnqJRFuPP1e2B9Ki0RgJKTsFFdN2bhx13wss2FKUICcFXuHEhgWGCwSCG__V7NjxGVpvpCRZxN8afNYzqmlT5W3A2jz1oxsqeGPJtqyBcrKeMWPkEVvcFFTLkNSfg8k9aJE6atzofe9EyzM42VR9sumvmZJ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.SAp9Txrv_TM.es5.O/d=1/rs=AJlcJMzXcgF7KuMvxGME2TidEPLYlgeM5w/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G3QcJtzkVKm4jciT3ZP0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G3QcJtzkVKm4jciT3ZP0kw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-G3QcJtzkVKm4jciT3ZP0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G3QcJtzkVKm4jciT3ZP0kw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gcuG21quWAK4bw+DyXiDCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gcuG21quWAK4bw+DyXiDCw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-gcuG21quWAK4bw+DyXiDCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gcuG21quWAK4bw+DyXiDCw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 797B 18 KB
7 KB 9ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:16:42 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 797B 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:38:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 797B 122 KB
37 KB 46ms
45ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 797B 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:39:09 GMT

GET
H3 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/ Frame 458B 36 KB
10 KB 7ms
7ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

966320c020e60a88c6c111766271f91c374405ae567ecda4e139608e6569159f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6364298811678419661/728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 05 Oct 2021 05:27:26 GMT
expires: Wed, 05 Oct 2022 05:27:26 GMT
last-modified: Mon, 21 Jun 2021 17:14:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 10323
age: 130373
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 797B 0
0 46ms
46ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF3Ozg99dYd-qGMKBgQf-gbdQ9YC1z2XLl4-4jw7BxumP9QgQASC56I5OYMkGoAHsk43gA8gBCeACAKgDAcgDCKoE5wFP0Jmv-pbU3Sv6rQh-Ud5UT-cIXhDBweNNSCkCHu1pZraC1h1GRCo12fUNMxM2zcn9el9IixY9MLRybHlQgnEwhGjaXdi7ZrfEqELomSaxvQOFaWBpNm8wXDv2BNiQUIM6RWFGI-PQ_9_b3T3_LYq24YmsliF_2oZP3_gTDwtD_rR6YdofEYSoHExgEmZ5G-e2SPIwBITblnweDeIkk11zlRNqdpsgwuMdxyhHuQ8NeFdsiuvOxuiaHaxlUjNfIZ8nbLRNBycJ4tgkieus6bYTeFjeiurmOJmjcDUBkpkGWzP874sPliXABNSat7CQA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf86_IfqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCc_VzSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0xOTY5NzM4OTA2MTU5NTAzgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTUyNzg5NzM4ODg3ODYzMzQYlv0G&sigh=JKrlKnHn-v8&template_id=419
Requested by: Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D81B 143 B
446 B 30ms
8ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 17:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC11 143 B
198 B 29ms
8ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 17:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
URN 200
OK uuid:45b39f5c-4688-4de3-90e3-4de3468845b3 Show response
/ Frame C4CB 107 KB
107 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

37639c378ce4d0cca7a03771cbcdb827b756915909a5aad0ed2018ad6b821668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBB2 143 B
198 B 12ms
9ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 17:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D248 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2721500d9781d11ced3460b8f5f95338c0ba8ace1e5149c8f3b9489587d602e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9629 9 KB
3 KB 7ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Oct 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9629 26 KB
10 KB 8ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 06 Oct 2021 23:30:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9629 236 KB
63 KB 40ms
19ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 17:40:19 GMT

GET
DATA 200
OK truncated
/ Frame 1685 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b68247ebe3d3169bc05b487c345a8b88839856aae1aa8a412dd5f255765cdbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 797B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab81bd83dcc454dc4086bccc4b06a6fb5bbe3ff27dbfcccf8a46a0fd18588b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame C4CB 4 KB
1 KB 57ms
22ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 16:39:06 GMT
server: ESF
date: Wed, 06 Oct 2021 17:40:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 17:40:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4CB 205 B
764 B 29ms
7ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 10:48:14 GMT
x-content-type-options: nosniff
age: 24726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Oct 2022 10:48:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4CB 604 B
695 B 29ms
7ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 10:45:49 GMT
x-content-type-options: nosniff
age: 24871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Oct 2022 10:45:49 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/ Frame C4CB 17 KB
7 KB 7ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7627
x-xss-protection: 0
server: cafe
etag: 14532344818667626787
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:37:26 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 458B 9 KB
3 KB 7ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Oct 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 458B 26 KB
10 KB 7ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 06 Oct 2021 23:30:30 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 458B 236 KB
63 KB 50ms
28ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6364298811678419661/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 17:40:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D81B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

53ms
52ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: uuid
URL: urn:uuid:80332d7a-366c-3264-2b13-3264366c8033

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 18:40:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 17:40:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC11
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

53ms
53ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: uuid
URL: urn:uuid:8f5c05f0-1afe-2d4f-0921-2d4f1afe8f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 18:40:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 17:40:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBB2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

54ms
52ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: uuid
URL: urn:uuid:266a622a-cc50-bc84-6a73-bc84cc50266a

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 18:40:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 17:40:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 9BF1 3 KB
580 B 32ms
17ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 16:37:01 GMT
server: ESF
date: Wed, 06 Oct 2021 17:40:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 17:40:20 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 9BF1 1 KB
864 B 6ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:32:19 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 9BF1 18 KB
7 KB 6ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:16:42 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 9BF1 3 KB
1 KB 7ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:38:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BF1 122 KB
37 KB 25ms
24ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 17:40:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 9BF1 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:39:09 GMT

GET
H3 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 9BF1 26 KB
11 KB 21ms
7ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 10:35:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3BB5 143 B
163 B 40ms
16ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 17:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3BB5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

54ms
54ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: uuid
URL: urn:uuid:45b39f5c-4688-4de3-90e3-4de3468845b3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 18:40:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 17:40:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 17:40:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

/
www.facebook.com/login/ Frame 4A9A
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?app_id=153851522244&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df572d0644c0af%26domain%3Dwww.dll-f...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

144ms
144ms

Document
text/html

157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df572d0644c0af%2526domain%253Dwww.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.dll-files.com%25252Ff338a820d962528%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6dcc32a8108111b2be7867c19f55a34e

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df572d0644c0af%2526domain%253Dwww.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.dll-files.com%25252Ff338a820d962528%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dll-files.com/
accept-encoding: gzip, deflate, br
cookie: fr=0jCA647s72BOiHWvX..BhXd-C...1.0.BhXd-C.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
set-cookie: fr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1633542019; path=/; domain=.facebook.com; httponly
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +y53P0lzVdF+dTRoKnvu9ST3V4bWemA67E+9vvk9ohLihkFsCasUcS7bpFcoldrKRhlXSgALn33YRFaLCSOzqg==
date: Wed, 06 Oct 2021 17:40:20 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df572d0644c0af%2526domain%253Dwww.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.dll-files.com%25252Ff338a820d962528%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: GcbaIejEkJF7ui3TDfbvh8VoKWXLQzZN8kR64C9ga2kcxBoEfGaNNZgPdGetK19ayHnhenAOSuVxYw+YPfxHyA==
content-length: 0
date: Wed, 06 Oct 2021 17:40:20 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
20ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2876d82229e7d23eb432e577bd228a1276ae7dd1bc91ed0abfdf76a866d932a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8539
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 06 Oct 2021 17:40:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CF4C 12 KB
5 KB 7ms
7ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 06 Oct 2021 17:38:32 GMT
expires: Thu, 06 Oct 2022 17:38:32 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32A4 783 B
537 B 24ms
24ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

da9f081b4b1449e319ce8c64b7faef0d329a2f7218cac25e329dacb2de76b9cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f0U05RkDfItvV2At4zDQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 06 Oct 2021 17:40:20 GMT
date: Wed, 06 Oct 2021 17:40:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-f0U05RkDfItvV2At4zDQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame CF4C 35 KB
13 KB 22ms
7ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32A4 0
0 59ms
58ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092301&jk=3824815636682496&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092301&jk=3824815636682496&bg=!lpWlldHNAAZE-GIIRPg7ACkAdvg8WoN9jCIJAcE1pRqFqVwEF6KjCWMQBscc4wL-_s8EhN0hVhlDvQIAAABbUgAAAApoAQeZArcjxSQKsNXQfbaOvuCsVC5WvE1ljc-lcRHv6W544m4SV_wwkqCHw7Pk7KewGJg1sUbzsXbB-1MYlACcCLuuJHKEH0TZDHEeNVIv3VGpYm7sEqZQD_dMpwmWB4AqALwPE-4ArU27H-_cGDlMz1OHZ6KoK1RPO84pm8cD6zXmQ_TbswJ5-e2kONQjdizdYqK_ExgcmS9MDDZcZp__EgsQkmf2uMYDYaAi5fhQU4DFrj1xDXmXvtG982wIzfKchxqwJVEME9p74MTmIIJoODaHsArs_rnxU1Cv3QF_7CVcEwAh5wH2K1dmzjmpsRqMaZh8PZsCtkC0XhEgG1vk9edCIVGhG6f5t426sXqoKfXqRuvhdlrUZ6Jmpot5gBoHeJLaFWYEkdnL73sCRun1dmQ2_30CeHMm6BLRUhmv7RDay3APvd4dI-ykvXey4WhIQA-HGxYdPZxF6ONaWB2XlXZ-IH-qHE1qcrl8_-IsN7PJzSZNgABO1QBBn9XO1cQrfbwNtxwxZNSh4G8wwTqNAwv3TYVaKSKLJx6YtbZLBDnrJW-J3ivZ4qf3hjwhUO5e4FVQdhShSLuJpWTkHrBJlkNO-_-FehMSU9LRGYJjoSVQ24I0KAWcTDhSe-15CeuWIjLcSwqHHw5t76e3k70reiC39alt0lQMbL-uRaJrcgCW-Nc3XxUYQZKN1xI1o7rK5haAVXLpkQrBQipHVCq-S8N52s1d2f7H4kpGforMAEGQdDvdQq1IuZ0O_rZApFc-_89G1jcFn5Q4-7iINe5i86Ill940wAs0Z_1Q4ZFMN1s04ew4G3cJgRvKvLaqYuRTsoP5yhKHvjrtJtSW_99peGqvzV0rjFJ4fgtbFDgq6PSdcYqg80G5Z8cLcJ4VcvD04npUyRvDgIP_f9LA1c1QANjjSaiOu5WMPZXT4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
354 B 13ms
13ms XHR
text/plain 52.58.119.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=arinterval

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-119-106.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://www.dll-files.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 3
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1685 42 B
64 B 31ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8JtC6fNdnAd1HQguzuKdZx-9qw3hgMx5aDE5f-s7kjdsYWLDKu8IDpvVl3K70P1YilJKWbVJuUg5iDlXmDXEeBXak9Vfajzq-FsjlzeoeKCqq7dg&sai=AMfl-YSLxUSyei-A4gwX6UTPXIfdc8EK27O6rILqdGDjSxBeRHQ6rNSyn7gOnmwhCGa4H1CTtr6kOute2fvHb-NrGHofXSM3PykkxLoWopOCE1poTZJLTmhLygRKUWck91E&sig=Cg0ArKJSzGOORHIprZGVEAE&id=lidar2&mcvt=1000&p=0,0,90,728&asp=215,436,305,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4189499360&rs=4&met=mue&la=0&cr=0&vs=4&r=v&rst=1633542019782&rpt=195&isd=0&lsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 797B 42 B
64 B 30ms
30ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1c4y9ZuIMPGW7TRYsFtqKX265eeGNvGKX0OwOOrNG_x8Wb3q-bTU2KQg-na25D6wUvelcLlPNxIfwPjid7_a7kMqZ4p7WGDLclAiPmn0xqZjIw7s&sai=AMfl-YS7dO6bU5AONN_Pdp-rHUazN0EQA7q8xEPMql16LrZfDZRB2kU423rd5HZxz1CmdNMRLmNC5n5OXe6xw2xw_R2nzDqFbrd0XIpa00OCENG0oxh6inFT9rR8oETLOps&sig=Cg0ArKJSzB_aylfRqVhNEAE&id=lidar2&mcvt=1000&p=0,0,90,728&asp=-90,0,0,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2488649843&rs=4&met=mue&la=0&cr=0&vs=4&r=v&rst=1633542019799&rpt=221&isd=0&lsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7ACE 38 KB
14 KB 38ms
7ms Document
text/html 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=65014
expires: Thu, 07 Oct 2021 11:43:56 GMT
date: Wed, 06 Oct 2021 17:40:22 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3CCB 995 B
1 KB 35ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dll-files.com/
Accept-Encoding: gzip, deflate, br
Cookie: icu=ChgI9p9dEAoYASABKAEwg7_3igY4AUABSAEQg7_3igYYAA..; uuid2=5420305474117021725
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 06 Oct 2021 17:40:22 GMT
Age: 13263358
X-Served-By: cache-lga21980-LGA, cache-hhn4023-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 43672
X-Timer: S1633542022.381442,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame F240 1006 B
860 B 23ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: ce6b61f53521d0370ce1001857b92650d756d2328fb1614d397bbd08f68356df

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dll-files.com/
accept-encoding: gzip, deflate, br
cookie: i=b9252c58-c1c9-4e61-8def-2caba6f96daa|1633542018
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dll-files.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=b9252c58-c1c9-4e61-8def-2caba6f96daa|1633542018; Version=1; Expires=Thu, 06-Oct-2022 17:40:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1633542022|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 21-Oct-2021 17:40:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 06 Oct 2021 17:40:22 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mrgadche1MyaTY5

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mrgadche1MyaTY5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Oct 2021 17:40:21 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mrgadche1MyaTY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4845e069-d95b-4d17-8d04-6093d29a630c&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=a4d9a480-ab2e-493e-860b-1b368731e22b

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=a4d9a480-ab2e-493e-860b-1b368731e22b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=a4d9a480-ab2e-493e-860b-1b368731e22b
Date: Wed, 06 Oct 2021 17:40:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5420305474117021725

43 B
122 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5420305474117021725
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Oct 2021 17:40:22 GMT
X-Proxy-Origin: 216.131.114.169; 216.131.114.169; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fec9ad23-0ba6-4017-b46c-daaaf588d51c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5420305474117021725
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIN0JrN0N1NzhBQUdUbnY0R0pSdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH7Bk7Cu78AAGTnv4GJRw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH7Bk7Cu78AAGTnv4GJRw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAH7Bk7Cu78AAGTnv4GJRw&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH7Bk7Cu78AAGTnv4GJRw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7308167650753553639
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAH7Bk7Cu78AAGTnv4GJRw

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAH7Bk7Cu78AAGTnv4GJRw
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:23 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAH7Bk7Cu78AAGTnv4GJRw
Date: Wed, 06 Oct 2021 17:40:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fc39615d-df86-4100-b39f-b60a65f3257f

43 B
106 B

19ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fc39615d-df86-4100-b39f-b60a65f3257f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 06 Oct 2021 17:40:22 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fc39615d-df86-4100-b39f-b60a65f3257f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 Oct 2021 17:40:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-14kVakJKQfgWShSq1c8UvtZIgPgWyFXq1osWiBm

43 B
106 B

19ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-14kVakJKQfgWShSq1c8UvtZIgPgWyFXq1osWiBm
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-14kVakJKQfgWShSq1c8UvtZIgPgWyFXq1osWiBm
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1409347104815136839

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1409347104815136839
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1409347104815136839
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame F240 70 B
265 B 110ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=6a891301-684e-7196-d739-e443c2de5e57&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F240 170 B
523 B 39ms
17ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZlNmMwY2ItYTEzOS0yZjMyLWMyZDktYmVmYTA4M2M5MDM3

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F240
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMEPcoGiMLlcw03uI9AQmD8&google_cver=1

43 B
106 B

23ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMEPcoGiMLlcw03uI9AQmD8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMEPcoGiMLlcw03uI9AQmD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7ACE 2 KB
2 KB 54ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60886341&p=158460&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 03c946f27cf4dca3cfa65acb6ea50b04f40d3b693a98f0e7163e485fc6e4015e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1683
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 3CCB 0
735 B 56ms
24ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Oct 2021 17:40:22 GMT
X-Proxy-Origin: 216.131.114.169; 216.131.114.169; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2c87e12f-5727-4c12-86fc-318f1abe32cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame CB86
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A

35 B
467 B

21ms
21ms

Document
image/gif

37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 06 Oct 2021 17:40:22 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=972357236415863663; expires=Sun, 05 Dec 2021 17:40:22 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 06 Oct 2021 17:40:22 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FC08F465-5A97-4F2D-AAAF-1D47D521513A
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 06 Nov 2021 17:40:22 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame ED30
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646

42 B
210 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=FC08F465-5A97-4F2D-AAAF-1D47D521513A; chkChromeAb67Sec=1; DPSync3=1634688000%3A201_197_219%7C1633564800%3A174; SyncRTB3=1634688000%3A13_54_161_56_220_21; SPugT=1633542021; KRTBCOOKIE_391=22924-8503030297081741309&KRTB&23263-8503030297081741309; PugT=1633542022; PUBMDCID=3; KRTBCOOKIE_377=6810-beb906f4-fdcb-4183-b083-e8fccea83e74&KRTB&22918-beb906f4-fdcb-4183-b083-e8fccea83e74&KRTB&23031-beb906f4-fdcb-4183-b083-e8fccea83e74; KRTBCOOKIE_80=22987-CAESELMlnpIVrgUvxpZaEPWu_U8&KRTB&16514-CAESELMlnpIVrgUvxpZaEPWu_U8&KRTB&23025-CAESELMlnpIVrgUvxpZaEPWu_U8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 06 Oct 2021 17:40:22 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-8918348278539780646; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 05-Nov-2021 17:40:22 GMT; path=/ PugT=1633542022; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 05-Nov-2021 17:40:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 04-Jan-2022 17:40:22 GMT; path=/
x-lat: lhrpug016:0:424
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8918348278539780646
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7ACE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Aj0ZVqXTy2qrx1H1SFROg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

10 KB
10 KB

7ms
7ms

Image
text/html

184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43480
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 07 Oct 2021 05:45:02 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fc39615d-df86-4100-b39f-b60a65f3257f

0
260 B

57ms
13ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fc39615d-df86-4100-b39f-b60a65f3257f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 06 Oct 2021 17:40:22 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fc39615d-df86-4100-b39f-b60a65f3257f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 Oct 2021 17:40:21 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame 7ACE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=FC08F465-5A97-4F2D-AAAF-1D47D521513A
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=4468b46079474431

62 B
304 B

179ms
144ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=4468b46079474431
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 17:40:23 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=4468b46079474431
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkMwOEY0NjUtNUE5Ny00RjJELUFBQUYtMUQ0N0Q1MjE1MTNB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
340 B

60ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:335
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELMlnpIVrgUvxpZaEPWu_U8&google_cver=1

42 B
363 B

60ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELMlnpIVrgUvxpZaEPWu_U8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:436
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELMlnpIVrgUvxpZaEPWu_U8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7ACE 43 B
610 B 53ms
12ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 05 Oct 2021 17:40:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=beb906f4-fdcb-4183-b083-e8fccea83e74

42 B
293 B

22ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=beb906f4-fdcb-4183-b083-e8fccea83e74
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:496
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=beb906f4-fdcb-4183-b083-e8fccea83e74
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8503030297081741309

42 B
542 B

56ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8503030297081741309
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:495
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 17:40:22 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8503030297081741309
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7ACE 0
128 B 19ms
13ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158460&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:40:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dll-files.com/	1970-01-19 21:45:45	Name: pg_session_depth Value: 1
www.dll-files.com/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"DE","region":"HE","ip":"216.131.114.169"}
www.dll-files.com/	1970-01-19 22:28:54	Name: pg_custom_timeout Value:
www.dll-files.com/	1970-01-19 22:28:54	Name: pg_ip Value: 216.131.114.169
.dll-files.com/	1970-01-20 15:16:54	Name: _ga Value: GA1.2.269496191.1633542019
.dll-files.com/	1970-01-19 21:47:08	Name: _gid Value: GA1.2.1161073315.1633542019
.dll-files.com/	1970-01-19 21:45:42	Name: _gat Value: 1
.facebook.com/	1970-01-19 23:55:18	Name: fr Value: 0jCA647s72BOiHWvX..BhXd-C...1.0.BhXd-C.
www.dll-files.com/	1970-01-19 22:28:54	Name: pg_beacon Value: 1
www.dll-files.com/	1970-01-20 06:31:18	Name: pg_mm2_cookie_a Value: 4bbb3262-cbce-4096-b7ea-a14e7a2b75c4
www.dll-files.com/	1970-01-19 21:45:45	Name: pg_session_id Value: 45a091a0-f13f-4f2d-969d-0e47bffc341a
www.dll-files.com/	1970-01-19 21:47:08	Name: pg_tc Value: not-sampled
www.dll-files.com/	1969-12-31 23:59:59	Name: pg_canonical_session Value: 47d070b119d57db39bb696b5d51bda06
.openx.net/	1970-01-20 06:31:18	Name: i Value: b9252c58-c1c9-4e61-8def-2caba6f96daa\|1633542018
.dll-files.com/	1970-01-19 21:45:42	Name: _gat_gtag_UA_190292_2 Value: 1
.adnxs.com/	1970-01-19 23:55:18	Name: icu Value: ChgI9p9dEAoYASABKAEwg7_3igY4AUABSAEQg7_3igYYAA..
.adnxs.com/	1970-01-19 23:55:18	Name: uuid2 Value: 5420305474117021725
www.dll-files.com/	1969-12-31 23:59:59	Name: pg_analytics Value: disabled
.dll-files.com/	1970-01-20 07:07:18	Name: FCCDCF Value: [["AKsRol_64m0M-T7tiX9diWGg5f4_VWFG3RB_rgt-lS3aBAHXTaqPaW493NziQg4yRHihJbBsGO1AhsOoV6tWgKXE5xj4SRK5nm5kInw5KZPgnWXwkTFTtWOJ0prEjYJitnuKCBaJd7EaZPIiayJMT103DdGIjEGyfg=="],null,["[[],[],[],[],null,null,true]",1633542018891],null]
.dll-files.com/	1970-01-20 06:31:18	Name: FCNEC Value: [["AKsRol_64m0M-T7tiX9diWGg5f4_VWFG3RB_rgt-lS3aBAHXTaqPaW493NziQg4yRHihJbBsGO1AhsOoV6tWgKXE5xj4SRK5nm5kInw5KZPgnWXwkTFTtWOJ0prEjYJitnuKCBaJd7EaZPIiayJMT103DdGIjEGyfg=="]]
.doubleclick.net/	1970-01-20 07:07:18	Name: IDE Value: AHWqTUk4criTjrYX93S_xTVxK5OJH5yPyEvZrLpbe9IqAv0mRRmqJORsQgc8Gk5bDyM
.dll-files.com/	1970-01-20 07:07:18	Name: __gads Value: ID=51048f9ae70ecf6a-22b8d1f0e9ca0054:T=1633542019:S=ALNI_MbVENhrW1ra9fzhVZujwLCnbo94tQ
.doubleclick.net/	1970-01-19 21:45:45	Name: DSID Value: NO_DATA
.openx.net/	1970-01-19 22:07:18	Name: pd Value: v2\|1633542022\|mOgeginskin0vNomiygu
.ads.pubmatic.com/	1970-01-19 21:47:08	Name: KCCH Value: YES
.bidswitch.net/	1970-01-20 06:31:18	Name: tuuid Value: a4d9a480-ab2e-493e-860b-1b368731e22b
.bidswitch.net/	1970-01-20 06:31:18	Name: c Value: 1633542022
.bidswitch.net/	1970-01-20 06:31:18	Name: tuuid_lu Value: 1633542022
.w55c.net/	1970-01-20 07:15:56	Name: wfivefivec Value: mrgadche1MyaTY5
.quantserve.com/	1970-01-19 23:55:18	Name: d Value: EJsBDAG1JIqsMA
.quantserve.com/	1970-01-20 07:15:56	Name: mc Value: 615ddf86-69cf8-c6632-40ff5
.w55c.net/	1970-01-19 22:28:54	Name: matchopenx Value: 5
.pubmatic.com/	1970-01-19 23:55:18	Name: KADUSERCOOKIE Value: FC08F465-5A97-4F2D-AAAF-1D47D521513A
.pubmatic.com/	1970-01-19 23:55:18	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:55:18	Name: DPSync3 Value: 1634688000%3A201_197_219%7C1633564800%3A174
.pubmatic.com/	1970-01-19 23:55:18	Name: SyncRTB3 Value: 1634688000%3A13_54_161_56_220_21
.mathtag.com/	1970-01-20 07:11:37	Name: uuid Value: fc39615d-df86-4100-b39f-b60a65f3257f
.adform.net/	1970-01-19 22:30:20	Name: C Value: 1
.adsrvr.org/	1970-01-20 06:31:18	Name: TDID Value: beb906f4-fdcb-4183-b083-e8fccea83e74
.adform.net/	1970-01-19 23:12:06	Name: uid Value: 8503030297081741309
.simpli.fi/	1970-01-20 06:32:44	Name: suid Value: 55E4E0FD23834A8198074B8A20EB03D2
.adsrvr.org/	1970-01-20 06:31:18	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiGt6P8zL6EOhAFGAUgASgCMgsIxtybqeO-hDoQBTgB
.de17a.com/	1970-01-20 06:24:06	Name: guid2 Value: 1.8918348278539780646
.pubmatic.com/	1970-01-19 22:28:54	Name: SPugT Value: 1633542021
.pubmatic.com/	1970-01-19 22:28:54	Name: KRTBCOOKIE_391 Value: 22924-8503030297081741309&KRTB&23263-8503030297081741309
.pubmatic.com/	1970-01-19 22:28:54	Name: PugT Value: 1633542022
.pubmatic.com/	1970-01-19 23:55:18	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:55:18	Name: KRTBCOOKIE_377 Value: 6810-beb906f4-fdcb-4183-b083-e8fccea83e74&KRTB&22918-beb906f4-fdcb-4183-b083-e8fccea83e74&KRTB&23031-beb906f4-fdcb-4183-b083-e8fccea83e74
.bidr.io/	1970-01-20 07:14:15	Name: bito Value: AAH7Bk7Cu78AAGTnv4GJRw
.bidr.io/	1970-01-20 07:14:15	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-19 23:55:18	Name: KRTBCOOKIE_80 Value: 22987-CAESELMlnpIVrgUvxpZaEPWu_U8&KRTB&16514-CAESELMlnpIVrgUvxpZaEPWu_U8&KRTB&23025-CAESELMlnpIVrgUvxpZaEPWu_U8
.pubmatic.com/	1970-01-19 22:28:54	Name: KRTBCOOKIE_336 Value: 5844-8918348278539780646
.scoota.co/	1970-01-20 15:16:54	Name: tuuid Value: 4845e069-d95b-4d17-8d04-6093d29a630c
.scoota.co/	1970-01-20 15:16:54	Name: c Value: 1633542022
.scoota.co/	1970-01-20 15:16:54	Name: tuuid_lu Value: 1633542022
.pubmatic.com/	1970-01-19 22:28:54	Name: KRTBCOOKIE_699 Value: 22727-AAH7Bk7Cu78AAGTnv4GJRw
.onaudience.com/	1970-01-20 06:31:18	Name: cookie Value: 85e983a302ca1e4d
.onaudience.com/	1970-01-19 21:47:08	Name: done_redirects109 Value: 1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e2b0cd759685c0e2
.smartadserver.com/	1970-01-20 07:14:30	Name: pid Value: 7308167650753553639
.smartadserver.com/	1970-01-20 07:14:30	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 07:14:30	Name: csync Value: 127:AAH7Bk7Cu78AAGTnv4GJRw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://m2d.m2.ai/pg.dll-files.js Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
bh.contextweb.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.pubguru.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dll-files.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
m2d.m2.ai
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
monetizemore-d.openx.net
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
r.scoota.co
rtb-csync.smartadserver.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
sync.mathtag.com
tags.bluekai.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
uuid
www.dll-files.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net

104.111.215.191
104.18.10.207
13.32.29.122
13.35.253.85
142.250.181.226
142.250.181.232
142.250.184.194
142.250.184.206
142.250.185.163
142.250.185.194
142.250.185.228
142.250.185.66
142.250.185.74
142.250.185.98
142.250.186.106
142.250.186.134
142.250.186.161
142.250.186.174
142.250.186.34
142.250.186.35
142.250.186.46
142.250.74.206
151.101.1.108
157.240.20.19
157.240.20.35
169.50.137.190
18.156.195.47
184.30.24.198
185.29.134.248
185.33.220.243
185.33.223.178
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.86.139.114
198.148.27.140
213.155.156.169
3.123.163.175
3.127.179.79
35.244.159.8
37.157.6.246
51.79.83.225
52.17.35.107
52.49.238.187
52.58.119.106
72.251.249.14
74.125.71.157
76.223.111.131
79.99.3.27
89.187.169.47
91.228.74.134
01982439b9d0791cc7527b2d5f28f38f3378011368f4c69c6f561469f0194b85
03c946f27cf4dca3cfa65acb6ea50b04f40d3b693a98f0e7163e485fc6e4015e
086f69ee447cdda1541ce14093532f2b7cd048686a7aeadd2861111f56ca2b25
08e5b313cb5fbd56cae0b7854a87598a8cf58bade099ff00f9f49c4fd0487352
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d69d2e898ca79f657bfc06ad0106b96a849e3a3899301964f3de6241f83fd60
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ccd215d2b6eb3f861b1db578359c159b7dcf9cdbf2b8144bb2b5535ace3b3d6
231f99e8070e670f5a82776416027759e250d231b29befc8827f5d53b76780d6
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2721500d9781d11ced3460b8f5f95338c0ba8ace1e5149c8f3b9489587d602e8
285fe0dc67fac6b8a1401938007ccbdc445649335ef30a844361270fd2142353
2876d82229e7d23eb432e577bd228a1276ae7dd1bc91ed0abfdf76a866d932a5
2a962ada915b19a2fc687e834d28c7cb0e3a8644f8b37016774e0a722c547e0a
2b20751583209d9ac68dfbf6deee8f0a0867f343f0c5c77f43ec9068f42634b9
2b3b64a5bfa0a16c963a014fe89bd11b8cd8ae49ee3b93c8598b708e028348ad
2b64412232b14210c87e90d889dc51ec97300bbc65b7fff346e858c6e2e8dc41
2bec5c292e947914a35499fb2c29368226f0b0c7690ef0bf3852e53c44dfb00a
2d2eaf65bdbab7dd46d7400f85d319363d54ab8f7e7930e707976eb04a0a8992
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
2f4fe1dc13f9d98546fef63ee21e93ec60031faad7fe301c5fddc3de87efe8d3
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3544434c00ba11fff534442fd3d8940b3b8be9f79fbf0b5724456004037fdc2b
37639c378ce4d0cca7a03771cbcdb827b756915909a5aad0ed2018ad6b821668
3a67fb84372f660ad0114c2e869e5e6165eca04367883b74af8925c74ab2f25e
3d265464ffea3c44cb0dd5d5c38da3019243e847b99c7f5c51aa1a5904f21d5d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da2dda51c28bbb24fd30340933a5797bceb3f20c7446e68552ea589aa15626a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50e719d4da0f57b8603cd602fdab265869991986361b937ec07419f801e1ffb8
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
579e5aa833317945ba16620d8335342f706c4cc0fb0c2969096bcba3231284f6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
65feaf79fcc97ce0cc60d36b87007c593c9e84190482b9ea83f93e04de20487a
6d21727a5c91f29a56caf3c09adb9fd8219623ff64ba94b745c67eea4a324a9b
705f8cdc15c1fd8b6ad8780a5a4a4db7bb659ac4c1d2f290fb5be77e3859f86b
72bda6f4dac651802113769bcd44a46b6246b53cda67497e8d4894aabb7b687c
75102b36e4a9ed753c8281016c79cf19cbeec12e68cf0d6e06106243b11b1ac5
7aac921465d72472ceb648adc85f8f62c19336dbd00da6afb6b577a8e4c00165
7b68247ebe3d3169bc05b487c345a8b88839856aae1aa8a412dd5f255765cdbf
7db0f5798491f765b194138be25843a2c8f20c98de241887c1881ef641901fdc
7f2cb26c510ccb3f3c70d338c2ab24ba3f3f1c8d6888425e6a7b09060ba2a423
83144cda06b2ec50856eaa3d4a218f28e49fc92d929dfe471548074c1bba6202
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87fee6ed34184b18520b2c3e541a99804038d3bb3c3955d88e491927135d5fc7
889c4a291dd953f95ce70c88578e39aef4994ca21cfdb44c88c07137766aff08
893dd9401f9f42ae2ade04fc915c4ce3bc11e3c15aa871b1416660e8c00ab81a
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a4d0cf7b4b7d0c66f12c688b7a36189b43579094b1e95b603b16cca9dc6d3ad
8ad2460515e6ebbd66837191126b6e1f5ceddbcd16d5cb2bd77760fba0717a43
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
966320c020e60a88c6c111766271f91c374405ae567ecda4e139608e6569159f
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
9f59dd3a4239ffdda1b6262e8938b9782e97eda6287c44425388070345153063
a05e663f1e7d4112b967493a795c25c4f1f029adc46d370e9774bd9990ab351a
a0659277913d59bd68581637a5aef62bff0c7dc7ca8dd97fa70461d7ea140a60
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab81bd83dcc454dc4086bccc4b06a6fb5bbe3ff27dbfcccf8a46a0fd18588b7f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa83db9dd705c009f27f7e95a9fec771890166f73cbeff514ead7d26f88621a
b55c7c491e3e1b9ec3642066803df73333b85768bda8e7c275a3d7dd1bdd3342
b6d5f2db4851a5e21f3ad2443c9c9732aa186f070faed502edeb8e5d6b7930d2
bb3c471d4de9c03c4a780f7ce2448a4c7058f3dcee839060458dad21a08e119a
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5a10830c7e4be7f8e95525e54b60bd978a2fdd1d450dae2b2d1c0c8142d6300
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cdd64aec6602e6d145259410417777dc04244cc23d1154b6e0a910ba9edc73f4
ce6b61f53521d0370ce1001857b92650d756d2328fb1614d397bbd08f68356df
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15980f836ad199e34a300666fcbaf81397e830114cdd8d6b3a18e5b2b3360f0
d3e0afbdee3d44e9b1c37bde7025eb048ecce864b2c351cb4fed2507abc84187
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
da32d12363d98b8d4577418ebb25e4d19901cabcf9d8853741de5db424c7d867
da9f081b4b1449e319ce8c64b7faef0d329a2f7218cac25e329dacb2de76b9cc
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6102020e3cbdd9ca59c76bbc9bf69f45190bb33307478fd7393b94fbfcd348
e09c1593c75a65ba3cf9602fcbdcb515339d4a9cf006e988dad52648216b531e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f998c50a4f2dc7caa91f9864b5ec4e38903c4f52ff15d7719d02b7797c6474
e588395f82b044556b17b4be4967a62954dd564fa0c0b5ab6c83253e37dde093
e6394287c507fab047be9462ff52b0206943fb0e6f99ee08adc0357f9f0ad468
e9ab9f7f26efee8ef848c70217cf34847735d3ff124f7e0d379996f24d0255ec
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
eb3e501fb76cbd4eb519a2a89061eed4ca27dd3cd6eb96fa86d7fb3d13ad9100
eeb62172b39717e92dac869e6626d3067008b718bc12a7d741c6bbb00506b197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96
f7e6240da6524a9743b001515b5a46f8908aa7026b72d271277c797f00128a72
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.dll-files.com Open in urlscan Pro 89.187.169.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

95 %HTTPS

0 %IPv6

36 Domains

57 Subdomains

43 IPs

10 Countries

2156 kBTransfer

4806 kBSize

62 Cookies

10 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dll-files.com Open in urlscan Pro
89.187.169.47 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

95 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

43
IPs

10
Countries

2156 kB
Transfer

4806 kB
Size

62
Cookies

174 HTTP transactions
3 data transactions