mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/cysfgmbgmnoo
Effective URL:
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Submission Tags: phishing
Submission: On May 28 via api (May 28th 2022, 2:47:22 am UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 25 domains to perform 200 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mobilesafe.shop.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2022. Valid for: a year.

This is the only time mobilesafe.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:214... 2600:9000:214f:8c00:b:b271:7c80:21	16509 (AMAZON-02) (AMAZON-02)
2	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
6	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.248.92 18.66.248.92	16509 (AMAZON-02) (AMAZON-02)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
25	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.248.38 18.66.248.38	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
15	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
5	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
13	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
200	33

21 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:8c00:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)

d26adrx9c3n0mq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

file-upload.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mobilesafe.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-92.dus51.r.cloudfront.net

denknowled.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dinterperson.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-38.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	633 KB
25	demand.supply live.demand.supply — Cisco Umbrella Rank: 31898 api.demand.supply — Cisco Umbrella Rank: 59939	38 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	368 KB
21	file-upload.com www.file-upload.com — Cisco Umbrella Rank: 556615	550 KB
18	seadform.net track.seadform.net — Cisco Umbrella Rank: 85568 s1.seadform.net — Cisco Umbrella Rank: 299319	158 KB
14	google.com 6 redirects accounts.google.com — Cisco Umbrella Rank: 78 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	freychang.fun freychang.fun — Cisco Umbrella Rank: 24503	303 KB
6	cloudfront.net d26adrx9c3n0mq.cloudfront.net	210 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	50 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	682 KB
4	dinterperson.xyz dinterperson.xyz — Cisco Umbrella Rank: 22082	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286 www.google-analytics.com — Cisco Umbrella Rank: 35	37 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	168 KB
3	denknowled.xyz denknowled.xyz	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1452 id5-sync.com — Cisco Umbrella Rank: 600	12 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 11613	9 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	46 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8526	795 B
1	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 8253	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
1	mobilesafe.shop mobilesafe.shop	6 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	file-upload.site file-upload.site	12 KB
0	elementalantecedent.com Failed elementalantecedent.com Failed
200	25

	Domain	Requested by
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.file-upload.com
22	live.demand.supply	mobilesafe.shop live.demand.supply client
21	www.file-upload.com	www.file-upload.com mobilesafe.shop
15	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.googletagservices.com
13	s1.seadform.net	track.seadform.net s1.seadform.net www.file-upload.com
13	pagead2.googlesyndication.com	live.demand.supply securepubads.g.doubleclick.net tpc.googlesyndication.com www.file-upload.com 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.googletagservices.com
11	42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com	securepubads.g.doubleclick.net 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.file-upload.com
9	www.google.com	4 redirects tpc.googlesyndication.com 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.file-upload.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
6	freychang.fun	d26adrx9c3n0mq.cloudfront.net
6	d26adrx9c3n0mq.cloudfront.net	www.file-upload.com d26adrx9c3n0mq.cloudfront.net
5	track.seadform.net	www.file-upload.com s1.seadform.net
5	www.googletagservices.com	42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com www.file-upload.com
4	accounts.google.com	2 redirects
4	dinterperson.xyz	www.file-upload.com
3	www.gstatic.com	42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
3	fonts.googleapis.com	42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com s1.seadform.net
3	api.demand.supply	live.demand.supply
3	connect.facebook.net	mobilesafe.shop connect.facebook.net
3	denknowled.xyz	d26adrx9c3n0mq.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	images.dmca.com	www.file-upload.com mobilesafe.shop
1	s0.2mdn.net	s1.seadform.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	certify-js.alexametrics.com	mobilesafe.shop
1	ssl.google-analytics.com	mobilesafe.shop
1	www.googletagmanager.com	mobilesafe.shop
1	mobilesafe.shop	www.file-upload.com
1	www.facebook.com	www.file-upload.com
1	file-upload.site	www.file-upload.com
0	elementalantecedent.com Failed	www.file-upload.com
200	35

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
file-upload.site Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
denknowled.xyz Amazon	`2022-05-25` - `2023-06-24`	a year	crt.sh
*.dinterperson.xyz E1	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-06` - `2022-06-04`	3 months	crt.sh
mobilesafe.shop Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-04`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Frame ID: 87B5C075B88ED369605B2CB25CBE8196
Requests: 103 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: EC538C1A9D166F9049DA99CA142AACF9
Requests: 1 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBBA2F9FA571401C8ED57A1CD52AD80A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CA09926ADCAC43776750F974667FC09
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE4E3B3C65A23F79E59EFE50A2ABF1CE
Requests: 2 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D3862742324E1670B66AE9FAF63E322
Requests: 5 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7E6C6F2E0A2C9F62804FE797F2C948A
Requests: 11 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7E66230B0924207DE30708C24E5065A5
Requests: 11 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7E6C282419930DC6EB44CD89BCF4E67C
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3A091BA9CF04CAC88040B58E518CE3DB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB403A5DC9EA1F6655AFCE7878CFA52F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C817E41259BEF699D00BE6CDA3FA40B3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9B99A5C4E33D9C19AD584A62A08529F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5BBFCA0DAE2AC11333FCAD6FB0E61F35
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 82026101B27352C043AC13D4410D5825
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 02CB875426A2530F9EC8DAB2F690877A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: DAFEC15681781E0793505B183009C1A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 7D76D2D0041F8D80C3AA8440A1C7764B
Requests: 1 HTTP requests in this frame

Frame: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0657AE016FB7F5D80BC9BE706C9D13B3
Requests: 1 HTTP requests in this frame

Frame: https://track.seadform.net/adfscript/?bn=39127511;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Clqq8NI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9wFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVCTMm5yS9ycvx_cLtKnjjxDHAXPf7sBdRyYaKYWeOYKhTzx4mZRgkGW3Ns7aCwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAG4DAHYEwPQFQH4FgGAFwE&num=1&sig=AOD64_1I4GbF0gDX4YFb-S65fOrEGjJEuw&client=ca-pub-3831894559014614&adurl=
Frame ID: 6CEB76CE9F16A402E4A87BCE60D15492
Requests: 16 HTTP requests in this frame

Frame: https://s1.seadform.net/Banners/Elements/Files/33069/8154594/8154594.js?ADFassetID=8154594&bv=1542
Frame ID: 2B64ABAD9E01C4F5C8F24B56596DBDDC
Requests: 12 HTTP requests in this frame

Frame: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
Frame ID: 8AC80155D0775369D21A54F70F6FEB5A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/cysfgmbgmnoo Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

200
Requests

97 %
HTTPS

69 %
IPv6

25
Domains

35
Subdomains

33
IPs

5
Countries

3331 kB
Transfer

6543 kB
Size

10
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/cysfgmbgmnoo
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://mobilesafe.shop/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/cysfgmbgmnoo Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-318303980%3A1653706035454282&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczOOqTrIAjyfdemvaA66KdgjBLkBNF34_8eSTqTzwGNo3i300jnXVkP-gR-8CFZg38-DNJcxg

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1710847194%3A1653706035497596&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwzoQ6AcKN_DTfCGkaw1Nk109abSq4X1i4zRfXuKglf2xqmQoMdXs2ntcNbtwarlJ65jdiJtQ

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

200 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 cysfgmbgmnoo Show response
www.file-upload.com/ 20 KB
7 KB 154ms
95ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8062e6683074c3616dd20a7d19ce46807f75b5efed59c3d4ff575cffd0e5334b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7123aa1e39149b7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:47:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 27 May 2022 02:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imNVMbNpzBKHVXeQ98Bne%2BG36PdHIZAQIIj665p1ZEkcMKbux9ZzEKyqO3BdKCOxr9uPTkJJZsXFUsAx6eKVDHUzLWmWwOk1AVwBqt0AjDuO4aD4E0JCzzBRd0l6U20jOiWeuAL8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 app.css
www.file-upload.com/mngez/css/ 247 KB
41 KB 34ms
33ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267207
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UR5E%2B%2B%2BDShn71SXMsIbebku8DVxRaEu7KwdzP4M57lQ95sZ5jgYthr8ImgJF%2F1PcvH%2F%2BI%2Be8p8VqR7%2BBLyrTEIEyJodE3mnahI5%2FBPFYW0SO%2F%2F33UWBYwS4DnV9kTA8%2F7Mf3G8fI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 02 May 2022 21:00:28 GMT
cache-control: public, max-age=31536000
cf-ray: 7123aa1ed9f59b7a-FRA
cf-bgj: minify

GET
H2 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 84ms
84ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"3aa0d-5b9d6bb49011b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pamURoVuFx7tZn1meOJSvhI%2B9S7BQ7lRxHObf7FLaUwnGhHn0zEvTa1Ae70HL1aT7W0PYriEWRw%2FsA5XZQLqCPwGQqyesAXRHgnNPb9pLNuzlutUvDfi%2BIMElN3qcmx9JxkEVKJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2692000, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7123aa1ed9f69b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 73ms
72ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611724
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"c8f-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsf9R7xxksXkLa4XrTKU2sCEBeOs6IZ69k6dPd5n%2FmRw4x32YsfgAsg78QQ01A7SWKx1UVVE9lyp0ceWpZ2Ceb5KWEFedOO0vWNx1a5TSzYSlzY0m4YROZSQ0DglBDT%2BoNS9J6hQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa1fadc69bf8-FRA
expires: Tue, 01 Feb 2022 07:05:11 GMT

GET
H2 200 /
d26adrx9c3n0mq.cloudfront.net/ 492 KB
158 KB 245ms
191ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 161118
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: -kz-8wdzUPErneKV1rjtwZI7BU65OBFGYmkKboo7nbbpR7T4u4TcAw==

GET
H2 200 page.js
file-upload.site/ 22 KB
12 KB 708ms
343ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://file-upload.site/page.js
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 22:47:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11601
expires: Sat, 04 Jun 2022 02:47:15 GMT

GET 01105f188a1c32226733edcb09dd3870.js
elementalantecedent.com/01/10/5f/ 0
0

GET
H2 200 /
d26adrx9c3n0mq.cloudfront.net/ 163 KB
49 KB 194ms
193ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 49634
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: RJItbytC3ZKS7c6ncwgQ32V6ZmndqRTaVQ6psLYS0dHKSq6mH9ZwxQ==

GET
H3 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 73ms
72ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611719
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgRkjgiS%2FdpMlsfgaqyeqcTlY7Wpylja%2BynCuSHsURHlzWiVNuCDB1nPzWn7ow74Cv5Kerj6OksmhoQ9Q%2BFY2sKjqU0Z%2Ft%2BDb%2BocF%2FsbZERSQ6974NwadyDZCiM7vBsVLuBr7VyB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa1fadc79bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H3 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 74ms
73ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611719
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "281-57e1cf82658c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sxrQwHSUkRBHiniHSwMPQQt5jTXrYE3CQ2r%2BBACh%2Fu9txqEBBDY26xxS52RjQHK9QLvn9WCYLiCGhopi9NsvEUbte9uipuxLKvxkfDg8g6tXPzzlY9zNgm5rFPIMircIYg3U6H%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa1fadca9bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 137ms
21ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Mon, 27 Jun 2022 02:46:56 GMT

GET
H3 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 29ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/cysfgmbgmnoo
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611719
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"1363-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoyedEpY8aZ3QhMXu5xg3M7Ry3GD7P8kTUdcnSEJKW1weWMnNDhLxbiqFCwA2PeSr5z9gcMySSVCgt5JQb4j86504WMdvg9t2gXzPQNX2u13coR%2BN1XClX97FD9v7Vb7s%2FaA2EQA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa1fadcb9bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 28ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8840560
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"3aae-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z4lsaDIsYFkaQScsztI%2BRQt3BGKfcKiMR98zMQ4hiRup8kzkoEJvhW7z0pVPb9FI3F1zoN5quKM%2FASOxRgm8DyHNjE6W95l5Cs5VcoSdYMFiVCjf0S0f8UIRED2x%2Fa5APBi1ico"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa1fadd19bf8-FRA
expires: Mon, 21 Feb 2022 19:04:35 GMT

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 89ms
88ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6428
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7904
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ee0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryu8Iai4VZkI2jR3IFL1VpH%2BA0d2utxm49WCf1L0TBaS3x5%2FxjhnHmOL2kF1YpK2ZXmGMqqu3FK5%2FfCiH90ezeRmtKFLRSt2bbxmQU6At%2BMF6Kw0FjatiEVyPu7ev62OZE%2FccAa4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa1fbdd49bf8-FRA

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 47ms
47ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2735
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "12d68-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYnghrID4KiqwV2OnVtydRphoOT4cIqaBw4BkhN%2Fz%2BRIV8t6Aqp4HWlk81h3%2B6O13GjkOfspDNqJ1NNIKJZbx%2FnpLExo%2BqtHfnYyWUER2Bv1tFmOCuf5AFwmFP1TwHZiEToUB0PN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa1fbdd59bf8-FRA

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 91ms
91ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5002
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7884
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ecc-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVBonJwZfygLPcziq2xnXSbSSPz%2Bd1ihW%2B12ljimbADNlfrIyYabLrWC31SGGaP9kO%2FGmqTGQbPoD4TXwRh3H0%2BZeOAGmvP0KwspanyRLue%2BD5Uz6XtQsNcdxMBUcz%2FSzVssk8eo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa1fbdd79bf8-FRA

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
101 KB 81ms
27ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 02:13:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLezHlgvMQvXJA7cQ2tjVunhs9ogF61HHHwODXdmjck2tVfNRGD9msyPmFUi0byI6Zzmjf5GBXLEu7k%2FeY249CZo4lS2JcsLzA2ibjqk1n5ikcm%2BfNybwENmSP2Z3rdS5Y1vvQ9dwVfwZyrN"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa21487c902e-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
366 B 173ms
118ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyuygqYULMkhw7A4Wr%2FDV51a6B1PhR3uKkxOJpUho06qnou8bRoMYankotcDVrfC9kBkp%2BFbJpU0Kk2q1qDLzCT4o%2BHNAtYtslYpA73h7%2FMTEtA%2BVPL733G%2BvvyMv%2BcqbE6jvpMnaRKonWsy"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa21487f902e-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
493 B 169ms
114ms XHR
text/plain 18.66.248.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=e6YvBRPOCDXG&top=www.file-upload.com&tid=888398
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-92.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: Hp5kJCfn7fPD8-Cma7cxMHYV4KVxuOKQq1Er_jKrBtKuuamF_UYqzg==

GET
H2 200 VyxGNToLKkZxeVcuWDE1BmFXOyBOaUFpfA
d26adrx9c3n0mq.cloudfront.net/TZ080VE0EIFoychMmUGl1X3cHbXVBJUc7IxdyRSYpP3hdPTU0aUAuKVp/EjgsCSgJcigJLAllaxM/Wz9wBTVNIS4dPFo6I0E6VWkkBhBVJi4PJkIxP0J9BHxoVQ1cIDkXagcVaFUJEWYLEDhDeiwLKkw1YwQgWXF/ITxdIC... 849 B
890 B 171ms
171ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/TZ080VE0EIFoychMmUGl1X3cHbXVBJUc7IxdyRSYpP3hdPTU0aUAuKVp/EjgsCSgJcigJLAllaxM/Wz9wBTVNIS4dPFo6I0E6VWkkBhBVJi4PJkIxP0J9BHxoVQ1cIDkXagcVaFUJEWYLEDhDeiwLKkw1YwQgWXF/ITxdIChCfXI8KAs/EWYLECpWOSwUO1-EmPkJ8dnF/VyxGNToLKkZxeVcuWDE1BmFXOyBOaUFpfA
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 613
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: QHGfDt-5ftHiC8FjJwjk1yZsdAejx8-gF3g3-DptHLWAktW7jznnZg==

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
100 KB 93ms
47ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 02:13:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4ahWMimKU0pOwrCGR77xh8K6m%2BPN8ErFoG0VPH6pJhXvqcFnfj60MuLEjlf5DmcWGlzsjrOfpQRDlI7aInlqh6hP90ZxvH3cTcL4u3hlWMH5GJDz%2F2%2BwwsRZgnzXRCK9s9xd76cqb1Q%2FhD7"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa214880902e-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
385 B 163ms
116ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrbNMLTYkOr8VEakqNiCymjDLKil0x%2FfFcMeEMwan%2BdhcFmbNfT167E06niGU8DPI8zJ67yWk3UfFZU5VORE7WFJ52ugW6STZQhKkdIGQYCPLHXBEy0Yzv3thOWvt%2BtfcHKwASJLRZZB%2BHYj"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa214881902e-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
493 B 162ms
115ms XHR
text/plain 18.66.248.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=NYBFw207L7FZ&top=www.file-upload.com&tid=889766
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-92.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: EyUpP-2sqBYpzj5bAR1q3IGyatD6-oUB07CzZSdYrjVZR1bFlotfhQ==

GET
H2 200 fgEeKn9pQgQ5LTNZEjM7LQcKOiw2ClY8I2UNERYjKgcYIDQ9FlV7cnBBQgsqLBAAbHEZQUIPZ2oiBz41dgUcLDo5ShMmL31WNjorLAFVewQwARw5Z2oiBywgNQ-UDPScqF1V6AH1WQCowORMcLDB9UEAoLj0cEWchNwlZbzdlVQ
d26adrx9c3n0mq.cloudfront.net/oQlhkcEkhNwoWdjYxAE1xemFTRn9kMhcfJzJlASA8LisiOwUoABAnbzYiAE15ZDQFHi5/ 856 B
895 B 167ms
167ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/oQlhkcEkhNwoWdjYxAE1xemFTRn9kMhcfJzJlASA8LisiOwUoABAnbzYiAE15ZDQFHi5/fgEeKn9pQgQ5LTNZEjM7LQcKOiw2ClY8I2UNERYjKgcYIDQ9FlV7cnBBQgsqLBAAbHEZQUIPZ2oiBz41dgUcLDo5ShMmL31WNjorLAFVewQwARw5Z2oiBywgNQ-UDPScqF1V6AH1WQCowORMcLDB9UEAoLj0cEWchNwlZbzdlVQ
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 619
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: jccUIGvBXc7Vs5OhThIBeax_MCkT3eR3cdef8m4vpg059_l3im_gew==

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
100 KB 85ms
46ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 02:13:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FTiaXDcHdyMMObMr82iiTamwUy4vJa6msbN5rDVaprPFeREE11OkHLWLicRxWFhazx8tXxSeEGhUXyLR07cuC6nsvGiqSAooJ7K1q5XBJIoQDzPEwTm274wJvZzhlKcofQgx7QGVMMqjEi4"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa214882902e-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
358 B 238ms
200ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNG1yxr0V0kyPGllvgdp9BhjkNvjl6iq4w2kBzOmiOckB37KP%2FPIkn2GVm5zAAW31tVPkbevGQ8P8L3rLwl18imLgMhRUGeCizyuqbTlKN3t9w1a7ttykvO8bT39Tl9lAfTFY3x1ZdIQbSW7"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa214885902e-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
494 B 159ms
120ms XHR
text/plain 18.66.248.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=OOUGLxqXE3OO&top=www.file-upload.com&tid=922253
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-92.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: xpgBZjEx7QpASXFqn6AD38lcdVDru8zwOY4Gb6XACvO_8mpPbQdaBg==

GET
H2 200 UzkLMTAcNgEkdAATHSAlV3BcDzlXOR5sY3QiCys8Uy-YaLCNBcF0LdABlDTswRTkLO3QGZQ8lNEo0QCo+X3xIPGwD
d26adrx9c3n0mq.cloudfront.net/VUTJVbkkyXTsIdiVbMVNwYwBnW3p3WCYBJyEPHQEvYn8hBAASaBZIPStWaF5vPVM7CXR3VzsNdGAUIR4mOg83FDAkUS8dJz9ccxsobFs0MSgjUT0HPzRAcFx5eRdnLCElRiVLehAXZyhsY3QiGT5/ 655 B
750 B 170ms
170ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/VUTJVbkkyXTsIdiVbMVNwYwBnW3p3WCYBJyEPHQEvYn8hBAASaBZIPStWaF5vPVM7CXR3VzsNdGAUIR4mOg83FDAkUS8dJz9ccxsobFs0MSgjUT0HPzRAcFx5eRdnLCElRiVLehAXZyhsY3QiGT5/UzkLMTAcNgEkdAATHSAlV3BcDzlXOR5sY3QiCys8Uy-YaLCNBcF0LdABlDTswRTkLO3QGZQ8lNEo0QCo+X3xIPGwD
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 472
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: 7Y9YX0Xl4PIHWgWjEwIjO_9mIZzeuArd4buAvfjX_Vd19ksMkaUpow==

GET
H2 200 TeGRycUobCxwXdQwNFkxyQVJDSHJeDgEeJAhZHz0ZAgw5C300QgYLLkVUVB0rFgNPVy8WB09AbA0FTxgrJwUAEiIREhcDb0pUWlR4OgwGBTpdVzNUeD5BQDc9DxNcECYdHBNfKRcJV0MMCw0GFG9KIhoUJghBQDc9HQYfEDkMAQACb0smV0N6GxYTBiYdFl-dFehk...
d26adrx9c3n0mq.cloudfront.net/ 181 B
460 B 173ms
171ms Script
text/plain 2600:9000:214f:8c00:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/TeGRycUobCxwXdQwNFkxyQVJDSHJeDgEeJAhZHz0ZAgw5C300QgYLLkVUVB0rFgNPVy8WB09AbA0FTxgrJwUAEiIREhcDb0pUWlR4OgwGBTpdVzNUeD5BQDc9DxNcECYdHBNfKRcJV0MMCw0GFG9KIhoUJghBQDc9HQYfEDkMAQACb0smV0N6GxYTBiYdFl-dFehkIFwkrVgcdHGNeEU9A
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 182
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: 5wb8MOpLC1HnKGMETwKvrz5_5nmvd1q5NFIWZrBdHXjmbaoUfa6NFw==

GET
H2 204 an9XTjcwIlJZYSoyDhwyKnteTi43IABVYS97XkZ0bWhdXmlpYBpVdn8yHwkgZHdJGDMtKlJZcWx1WFhxaXVaW3Nq
dinterperson.xyz/WUZvaEd2eQwbehQBJTsiHSUoPSoPDysfCTgfKh8EGhAhBBYIH0kcLj17V1B/ 0
264 B 178ms
121ms Image
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/WUZvaEd2eQwbehQBJTsiHSUoPSoPDysfCTgfKh8EGhAhBBYIH0kcLj17V1B/an9XTjcwIlJZYSoyDhwyKnteTi43IABVYS97XkZ0bWhdXmlpYBpVdn8yHwkgZHdJGDMtKlJZcWx1WFhxaXVaW3Nq
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrjdk0AuFV%2BUWtehzGa6nF8l6drzBMkRwVbmSVX7pVOwigR4Fa89rnvXdDzwEkfXOYHZ%2FY7l5PoGRNoHpilT9eSv7p3uBTjSFY4xKFdUG3a0Q5l6yfPcBPFVOsvOjw%2BQh19NRkE%2BQqXX6%2B2N%2FSiQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa217a599136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 159ms
106ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-318303980%3A1653706035454282&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignI...

0
0

146ms
102ms

Image
text/html

2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-318303980%3A1653706035454282&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczOOqTrIAjyfdemvaA66KdgjBLkBNF34_8eSTqTzwGNo3i300jnXVkP-gR-8CFZg38-DNJcxg
Protocol: H3
Server: 2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Sat, 28 May 2022 02:47:15 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-318303980%3A1653706035454282&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczOOqTrIAjyfdemvaA66KdgjBLkBNF34_8eSTqTzwGNo3i300jnXVkP-gR-8CFZg38-DNJcxg
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'nonce-ZX0pJ4QUxlEGhOJup8OxJA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-1710847194%3A1653706035497596&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLite...

0
0

111ms
108ms

Image
text/html

2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1710847194%3A1653706035497596&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwzoQ6AcKN_DTfCGkaw1Nk109abSq4X1i4zRfXuKglf2xqmQoMdXs2ntcNbtwarlJ65jdiJtQ
Protocol: H3
Server: 2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 524
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Sat, 28 May 2022 02:47:15 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1710847194%3A1653706035497596&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwzoQ6AcKN_DTfCGkaw1Nk109abSq4X1i4zRfXuKglf2xqmQoMdXs2ntcNbtwarlJ65jdiJtQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'nonce--XynRfnCEc-g5Xc7ITQb4w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b1R4eHNAaxsLTiEMOgknKx0wKkIfYzkpQiUMMBM7LRE2GRU+BV4MGgtpQEBKWGJOXgMGMEVJVRwgGQwGHGlJXhoBMhdFVRlpSVZAW3pKTl1fcg1FQkkgCBkUUmVeCAcbOEVJRVpnT0hFX2dNS0Ze
dinterperson.xyz/ 0
258 B 180ms
125ms Image
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/b1R4eHNAaxsLTiEMOgknKx0wKkIfYzkpQiUMMBM7LRE2GRU+BV4MGgtpQEBKWGJOXgMGMEVJVRwgGQwGHGlJXhoBMhdFVRlpSVZAW3pKTl1fcg1FQkkgCBkUUmVeCAcbOEVJRVpnT0hFX2dNS0Ze
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDckQOIEBLQtKyTFpTgt3BOcRxh0oXi%2FCoIc2ho%2FfmxfpHhOXZu1Au%2BuwiVds9Xt5Cs8TN8zHluakweAhrd8c9ecGcFWPOlqd8DXhiUVpd%2B8bHfALluoufn%2BczN3Eg9RL8Li3LlQ22B1ys4LczCB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa217a5c9136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 Q3BDbDZsTyAfCyE1GTxVFQAhCAUnMiEqRmZCBQkGARobJHx3IxRYEDcZJ1EPcUJxWQVlACoIC3JWMBhXNwUwUQdlGS0KWX5WNVEHbUN3QgR1XnNKQ35BZRhGIhd+XRAzBDcAC3JGdl8Bc0ZzXwNwRXs
dinterperson.xyz/ 0
261 B 180ms
125ms Image
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/Q3BDbDZsTyAfCyE1GTxVFQAhCAUnMiEqRmZCBQkGARobJHx3IxRYEDcZJ1EPcUJxWQVlACoIC3JWMBhXNwUwUQdlGS0KWX5WNVEHbUN3QgR1XnNKQ35BZRhGIhd+XRAzBDcAC3JGdl8Bc0ZzXwNwRXs
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNNrXLJZmtYbUZYOB7sVhMh%2BaYd0cjrraOeLBs%2Fc%2Bi38tenKNitLepl2bcGgSCMw%2BNIlqyRcf%2BVo%2BPEDoozjOmE8EAVXb%2Benn0AbjqBFJfIJvy3I2YT3ccHuwy1gItKyiysl00pFurFMD2mIxigp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa217a609136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ckBMQ2B4QUxGYHpCTEU
dinterperson.xyz/U09xenZ8cBIJSx1+PyIVKRowIzEdDDArNCEVNBU7ERg7DyQSGlcOHzdySUNAYnZJXAY6K0xLTnU8BRsCJjxMS1A6IRcVS3U5TEtYY2FAVEZ1OkxLUCc/EB1LYmkBDgI/ 0
497 B 175ms
120ms Image
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/U09xenZ8cBIJSx1+PyIVKRowIzEdDDArNCEVNBU7ERg7DyQSGlcOHzdySUNAYnZJXAY6K0xLTnU8BRsCJjxMS1A6IRcVS3U5TEtYY2FAVEZ1OkxLUCc/EB1LYmkBDgI/ckBMQ2B4QUxGYHpCTEU
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYa%2Bu4GMEP1SB3REYWSy%2F2CRPIT692nTllQM0Mp3DbjXkR2oemFyEiA9S1TfH20VJsASrrR4e7x10X%2F%2BMHtNx%2BOe%2BGMtmdt3N%2F9j30FnGSCkmq67esGmj5cAXic08z5lczlHCwmw9i%2BkfayYVNfE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa217a619136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
mobilesafe.shop/file.php/ 19 KB
6 KB 550ms
180ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1bb40c827ea03ddd8bf312946ffde2a56522158948c4160d2b416088c1e53ecd

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 5969
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:47:15 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 209ms
150ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe6bb3dd027c582b085913d80f92b54e4ea46aa965299130db079412ee4b421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3GPQ17JK5BF4746ECW2S8RN
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 405
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"494845b5e1573e696774a390a39e22e4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7123aa255f299b34-FRA
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==>; rel=preload; as=script

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 174ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cbed9c42867aab27f0d6b22620506f8101b0702d6aba6a0d6a80034491a9323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39566
x-xss-protection: 0
last-modified: Sat, 28 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 May 2022 02:47:16 GMT

GET
H3 200 app.css
www.file-upload.com/mngez/css/ 247 KB
42 KB 33ms
32ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267207
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGlTeyfEHry8M%2FVqkWbXNAOCkpaUdOljSYi93%2FjUeDAJTqm%2F5zrmY%2B8LAMV7WwaXJtAGFGfPBZOiwP46axB7vJhiX%2B6hT7Rmfw%2Fno5uQPUepGn7Lu0DUiLajsQhOjto7HPf7UYIt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 02 May 2022 21:00:28 GMT
cache-control: public, max-age=31536000
cf-ray: 7123aa249d099bf8-FRA
cf-bgj: minify

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 292 KB
83 KB 61ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3674a25aceac2bbf4b658d32fd95afa91939e44a5e009d3589a971f3b6b104a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BBzJravy6mW/mlvhawCDRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85302
x-fb-rlafr: 0
x-fb-debug: RbToPivshcJVPeQaT470y45LBjwyRVH8pKitHzMAeuRjuZcbvdPn0z/+i8QQSE/I7chQw6aOYg3oqqboz/krqg==
x-fb-content-md5: 9ae0878a306b8d1e516d8d50aa54212f
x-frame-options: DENY
date: Sat, 28 May 2022 02:47:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3579525fca1409e568c69d9ae8f2f9e6"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 May 2023 02:50:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 141ms
91ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e8c01f811f1e170d7b8fd4fea3d3efa0bfda76d6d22e82e24b8f0b6b9aa7dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dV6WFflkV2ZtuWvLXCXirg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 28 May 2022 02:59:44 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 6iI0SpycZ9mgDupO4qckrTzYx5eqYkaLTzD1U2I6R4s71X6oGjQPRDd1qhDGnSGrniwVetYnTBdsBMWDtf8wnQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 1a79e0411cc35f621854de1f4ad14f92
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 28 May 2022 02:47:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "42aca56f5e664e968f550c2ef1a26b9a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 93ms
20ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4979
date: Sat, 28 May 2022 01:24:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 28 May 2022 03:24:17 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 82ms
24ms Script
application/javascript 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 07 Mar 2022 08:43:24 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 7063433
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: ipchjpuGlMKMLg-p8ewdntQEjunLIUYOOOfXm3bYm3ZqzhO_Qeri1Q==

GET
H3 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 134ms
134ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"3aa0d-5b9d6bb49011b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Fh2yZIx%2B9%2F7qNxsVkyG7P%2Bzu%2B1lVCtOBvrUUSV%2BEmsYwshn%2FS89ZbN2p9PXXcXaj1sLBMIwUqcL%2Fw620Ld8ivXcAuzTY%2Fa04SwwCiiAemb1r%2FsW6Vyl036QZMWu80MklZmf%2FOTE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2692000, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7123aa249d0b9bf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 28ms
26ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611725
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"c8f-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK9Rf7B%2FHTMPgPSunC8RNLaeLML4A6tWAB4vJNL5skuOHiAKsnQp%2Fn6gaNnqKeW%2BOG5Oo2jnQIxRZZfI6%2F6m30TFhEkJ2nEkiRE9xY6e0AEfY4CqgFl2gcMqO3nqEup6QC0la2D8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa25aed19bf8-FRA
expires: Tue, 01 Feb 2022 07:05:11 GMT

GET
H3 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 28ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611720
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B30YnX%2FG9FHILeidQ%2BKdxK1%2BBtUJpVoi60ON7oAClt%2FGGp0rg9BiyH%2BPxPfdKw92%2FVNGe%2Ba9oJO7Uv1Gm4vST9OBwpa2Oewh14W3Kho8Y2hx6Fy1%2BAJcKSZM2p74H%2B2J0E4QnPMY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa25aed29bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H3 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 29ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611720
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "281-57e1cf82658c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1z%2FAQlk1B4iOULPMfQObdQ5Hw8kmKlyDpAE0uJ%2F3ViXRPPQyS4lbH6VuDEuABJkd8DiIZx55xbRU%2BzvzsyxXyH829HA2wCrlfEfTv%2FWMTz1pxamQk8JdJiciGPcRgAgDMXRsKqT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa25aed39bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 22ms
21ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Mon, 27 Jun 2022 02:46:56 GMT

GET
H3 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 30ms
29ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611720
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"1363-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxltTkAnXVdPuNiKAog3k3gk8t1b1t2wj2yCLBwcVkdQN4OCyBy80%2B7JiggfzmKBVeb9PW5KJIfzfll5G5LuQ0DUJp4%2FLeFNRgH%2FFT9oB90mQs18nrdqfC%2Bu5M%2Biiv%2FTocvpr7oM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa25aed59bf8-FRA
expires: Tue, 01 Feb 2022 07:05:16 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 41ms
21ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=788a6ac837f13dfc0592d7e2acb55018

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

766988f34b6e6246d3787771b65015d12c084bd4b2a4103e0afd8de8d8122f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tlvXE3lpbqXwx/Ry5AsGXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 28 May 2023 01:28:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84257
x-fb-rlafr: 0
x-fb-debug: wE/e3Bxdln4+ar023dhuRg5GICKi1u9P5rs8iz4Wx6fAxKT9ryN8bsGPuZLhcXkbChXgMSh8FPYA4C0b9QGWJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a689a56e970e76c0354a6c19b551fa21
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 28 May 2022 02:47:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "af0a2f0b95fee2287d9070566a5f7503"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 27ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8840561
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"3aae-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjT7GjaqW%2BmDHOB3P8ebjuYrxTtcdp4TqNlJCUTEi0caMh1fnF506fuP0t7pVhC6X6%2BVgbEPSOQvU3mPBfjdb66VvU%2Fodjct8T50RdmvEGtnRn%2F227xdptIULtSRmxbgw%2BTGcsfL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa25aed79bf8-FRA
expires: Mon, 21 Feb 2022 19:04:35 GMT

GET poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 0
0

GET
H3 200 impl.v15.0.0.js Show response
live.demand.supply/ 77 KB
25 KB 52ms
28ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 656673
cf-polished: origSize=79512
cf-ray: 7123aa26085f8ffa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 bW9iaWxlc2FmZS5zaG9wLw== Show response
live.demand.supply/p4/v14-3-0/ 2 KB
990 B 192ms
168ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47fc2aaa0e149108bb772913151807fcefa62caa151cc56e69e873e818dcfe08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa2608618ffa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 52ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=210&cs=c&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa2609e29b9e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e28adbc31e083e1608da9f0892ee74e93d32ddd88cd4092e530f90deb2f79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56216
x-xss-protection: 0
server: cafe
etag: 17245957263500020739
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=ISO-8859-1
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 May 2022 02:47:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
82 KB 109ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

55ca4e40dd07faf3338fca2cfbf73dae5364158c2761f96542c055808855efcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
x-content-type-options: nosniff
server: sffe
etag: "1228 / 640 of 1000 / last-modified: 1653689078"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83470
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 May 2022 02:47:16 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
505 B 49ms
27ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G40M30TYSE2AH66KGEGZ5QPP
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 122471
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7123aa2609e19b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4350
date: Sat, 28 May 2022 01:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 28 May 2022 03:34:46 GMT

GET
H3 200 fontawesome-webfont.woff
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 43ms
43ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122528
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"17ee8-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jndDa13h3SUovfVWCV0hCewHCu1Z2OFZTlzjw3f9CKX%2F64L%2BtdPPJm%2BajvVwRid7OgtTwu%2BdU2e7sttH1ihGyxTbvbaVowfeMKxlmKpRpu8w20Yaphcwhmk46yAKmElr7mc2yYyd"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa260fd29a23-FRA

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 44ms
44ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122528
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28a0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9YlczW7QcMvg9B7saa%2Bowmh%2BDR1dmJ0uPewzS4lFjhDtYn0okKWidgzGiUE0nEQ0zyE8S4EoMB9Azio9%2FYlRAuXmjMeJ1fu2zHwucQ7nseK4it48UeUCwfEzdNhZX4zTowZ9XPt"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa2628049a23-FRA

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 30ms
30ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122528
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28b4-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjxZ68zkF9%2BUYAIio%2FY6HiGMiye1eAaHpoB%2BFIeOIIpi0v%2FqNlHrqC4k77GWKJkrS8JfD08V4ppGm%2B3Kwl0a%2F8IpIJGN1MF%2FCLovoVWXj%2FcG%2FVBALCBNlmOFwB%2FHVuJHz%2Feo4CP4"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa26583f9a23-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
363 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3RM2K0M5B9CQWKE2FDTDA8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122471
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa266a439b9e-FRA

GET
H2 200 mobilesafe.shop_fluid_sq_square Show response
api.demand.supply/v14-3-0/a/ 316 B
302 B 82ms
28ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/mobilesafe.shop_fluid_sq_square?&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b74b8ef2169c0107a81a1c68d5ec60b708207ab691895c2463fb63809e4091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4990
etag: W/"13c-bq6rG2rdcLCNyGexL1WuSuc/Mx8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa26f8eb9bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mobilesafe.shop_fluid_lb+sq_sqle Show response
api.demand.supply/v14-3-0/a/ 319 B
305 B 82ms
29ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/mobilesafe.shop_fluid_lb+sq_sqle?&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5f78fe8666aca23d1081848a3c6f4862e5e4804bb000b57f45cf4eac46bbc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3770
etag: W/"13f-8wTKNPCZg8JqdQt52K50FvCcRVw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa26f8ec9bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mobilesafe.shop_fluid_sq_sq Show response
api.demand.supply/v14-3-0/a/ 316 B
572 B 81ms
28ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/mobilesafe.shop_fluid_sq_sq?&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c7fe4775ba63bcb9e9061845bba51d1412d6a360864eea56af4e3d3ef7e1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4990
etag: W/"13c-Ng6ArsXVP7yihcTqZ4QtnMf6H98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa26f8ed9bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1090033263&t=pageview&_s=1&dl=https%3A%2F%2Fmobilesafe.shop%2F&dr=https%3A%2F%2Fwww.file-upload.com%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=588280923&gjid=1981614891&cid=1008871789.1653706036&tid=UA-126662314-1&_gid=1263290393.1653706036&_r=1&gtm=2ou5p1&z=1800085574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobilesafe.shop/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame EC53 10 KB
5 KB 70ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 22992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 20:24:04 GMT
etag: 1327746537699501093
expires: Fri, 10 Jun 2022 20:24:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 67ms
23ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126668
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 May 2023 20:52:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
121 B 71ms
29ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:16 GMT

GET
H3 200 mobilesafe.shop_auto_interstitial_desktop Show response
live.demand.supply/cpi/ 25 B
253 B 177ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cpi/mobilesafe.shop_auto_interstitial_desktop?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0a34e538cf2787905eefed5f6029bc659febecf7f4fdddd42ae76d2570f3b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa272b889b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 26ms
26ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3G1PMHJVPTBPAPWCAM9HQFR
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 240707
etag: W/"f923e959099088f58bd8d963df723b04-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7123aa2729508ffa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobilesafe.shop_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 28 B
256 B 197ms
197ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_auto_728x90_sticky_display_bottom?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29140ac5ff8abb0490dd46ff2b018ff1cf1c12ef76189a338b3172c96b020134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa272b8b9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28

GET
H3 200 mobilesafe.shop_fluid_sq_sq Show response
live.demand.supply/cp/ 28 B
256 B 192ms
192ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_sq?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29140ac5ff8abb0490dd46ff2b018ff1cf1c12ef76189a338b3172c96b020134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa272b8f9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28

GET
H3 200 mobilesafe.shop_fluid_sq_square Show response
live.demand.supply/cp/ 27 B
255 B 183ms
183ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_square?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c201a7855b546e1d1867e48d8e9b691deadd150249f022a7761c7a526edea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa272b929b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H3 200 mobilesafe.shop_fluid_lb+sq_sqle Show response
live.demand.supply/cp/ 27 B
255 B 220ms
220ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_lb+sq_sqle?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0854051280a3150d292867b602f37bd22bc38419f49eace29f36885b66e62f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa272b939b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_interstitial_desktop&pdc=2.139464855194092&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa283d089b9e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
795 B 80ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=ISO-8859-1
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
552 B 78ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 139 KB
45 KB 291ms
291ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=735616566856779&correlator=4128214040879514&eid=31067787&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C50fc0f43-4725-4777-97b5-d130f3f3f36a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1116909576&sfv=1-0-38&ecs=20220528&ists=1&fas=8&fsapi=false&prev_scp=ti%3Ddee1ddc0-c0d6-4f60-a6b1-b26125372c63%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D88&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706036526&lmt=1653706036&dlt=1653706035923&idt=500&biw=1600&bih=1200&ucis=1&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ea=0&ga_vid=1008871789.1653706036&ga_sid=1653706037&ga_hid=1090033263&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

03e4f6456a5e609ea90973406ba52639ff7c5831dd77939dfc3181f98c25ab28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46414
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 83ms
38ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3e31b23d067eee3becae410e0f0d97a07b673744735a0a85adb70f69d325cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10227
x-xss-protection: 0

GET
H2 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBBA 6 KB
6 KB 112ms
28ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 21ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052401.js?cb=31067787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 25 May 2022 10:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 May 2023 10:39:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_square&pdc=0.05004125088453293&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa286d399b9e-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_sq&pdc=0.007148750126361847&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa286d3b9b9e-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_728x90_sticky_display_bottom&pdc=0.007148750126361847&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa286d3d9b9e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
28 KB 287ms
287ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=735616566856779&correlator=254409394276193&eid=31067787&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cf152fd0a-aa6a-4efa-8db4-3b15697ae52b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3551285455&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Ddee1ddc0-c0d6-4f60-a6b1-b26125372c63%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D88&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706036537&lmt=1653706036&dlt=1653706035923&idt=500&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ea=0&ga_vid=1008871789.1653706036&ga_sid=1653706037&ga_hid=1090033263&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cb8b82da7544cef39e0c26856aa8684288882fb0210ba1f6612aee437564a8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28764
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
28 KB 310ms
309ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=735616566856779&correlator=1676175399286671&eid=31067787&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C41035550-e6ce-4a9a-affa-92417da35c2f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=1308350473&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Ddee1ddc0-c0d6-4f60-a6b1-b26125372c63%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D88&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706036546&lmt=1653706036&dlt=1653706035923&idt=500&biw=1600&bih=1200&adxs=245&adys=231&ucis=3&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=1008871789.1653706036&ga_sid=1653706037&ga_hid=1090033263&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c7288224b67a8f3fd309ff8999a67d21ab078b16acede73ecc55811e8697191e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28843
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
13 KB 1294ms
1294ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=735616566856779&correlator=661733902274475&eid=31067787&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cecc5ff8d-fb57-40bd-ae7c-b9ab38ef0b20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=2391326013&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Ddee1ddc0-c0d6-4f60-a6b1-b26125372c63%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D88&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706036555&lmt=1653706036&dlt=1653706035923&idt=500&biw=1600&bih=1200&adxs=245&adys=847&ucis=4&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=1008871789.1653706036&ga_sid=1653706037&ga_hid=1090033263&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a5b18a5600cbac4d12a8c2cbb8765b218a3c91d731f17d48f47cf524321f00c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_lb%2Bsq_sqle&pdc=0.08578500151634216&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa288d7d9b9e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
28 KB 288ms
288ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=735616566856779&correlator=4045544805337664&eid=31067787&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Ca7af7edd-b578-4dc7-951f-775bbd5420fd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=1517400100&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Ddee1ddc0-c0d6-4f60-a6b1-b26125372c63%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D88&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706036563&lmt=1653706036&dlt=1653706035923&idt=500&biw=1600&bih=1200&adxs=245&adys=691&ucis=5&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x116&msz=1110x116&fws=0&ohw=0&ea=0&ga_vid=1008871789.1653706036&ga_sid=1653706037&ga_hid=1090033263&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

40ef28da982b6499bbe13069210967e69b083f6d8cb9182c8c6025e1e332d4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29013
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
17 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CA0 13 KB
5 KB 63ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:30:26 GMT
expires: Sun, 28 May 2023 00:30:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE4E 783 B
1 KB 80ms
32ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9281e7f5391093df5f4a3cb883df5adc6959f776266b2ffa035d54eaf09623a

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-m-zFK0vggCnDnsk57HjQ8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'nonce-m-zFK0vggCnDnsk57HjQ8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sat, 28 May 2022 02:47:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CA0 36 KB
14 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:05:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE4E 0
0 85ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052401&jk=735616566856779&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 41 KB
12 KB 128ms
48ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:19:00 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11458
x-request-id: 378636541

GET
H3 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D38 6 KB
6 KB 68ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.97&b=2&r=mobilesafe.shop_auto_interstitial_desktop&sy=7b78374d-2c83-4db0-822f-72f207e8a4e7&ts=88&cd=2&pud=210&pus=c&pue=765&pid=72&pis=c&pie=838&ppd=194&pps=a&ppe=960&pad=124&pas=c&pae=892&pcl=743&ttc=962&tti=1479&ttif=0&lca=960&lcak=ppe&lct=960&lctk=ppe&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=dee1ddc0-c0d6-4f60-a6b1-b26125372c63&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa2a5f679b9e-FRA

GET
H3 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C7E6 6 KB
6 KB 54ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_auto_728x90_sticky_display_bottom&sy=7b78374d-2c83-4db0-822f-72f207e8a4e7&ts=88&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=dee1ddc0-c0d6-4f60-a6b1-b26125372c63&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa2a6f7d9b9e-FRA

GET
H3 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7E66 6 KB
6 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_lb%2Bsq_sqle&sy=7b78374d-2c83-4db0-822f-72f207e8a4e7&ts=88&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dee1ddc0-c0d6-4f60-a6b1-b26125372c63&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa2acfdb9b9e-FRA

GET
H3 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7E6C 6 KB
6 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
363 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_square&sy=7b78374d-2c83-4db0-822f-72f207e8a4e7&ts=88&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dee1ddc0-c0d6-4f60-a6b1-b26125372c63&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:16 GMT
cf-cache-status: HIT
age: 122472
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa2acfec9b9e-FRA

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame C7E6 27 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:45:38 GMT

GET
H3 200 16661714520071083061
tpc.googlesyndication.com/simgad/ Frame C7E6 64 KB
64 KB 24ms
24ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16661714520071083061

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aead2a33a2fadd7deb6b4c0cd31756073b30cc5aae342be2ab35cfaa78e54bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 16:09:39 GMT
x-content-type-options: nosniff
age: 470257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65039
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 07:55:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 May 2023 16:09:39 GMT

GET
H3 404 icon.png
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame C7E6 2 KB
2 KB 31ms
30ms Image
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:16 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C7E6 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:06:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7E6 136 KB
137 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C7E6 25 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:22:31 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C7E6 41 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 17:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15882
x-xss-protection: 0
server: cafe
etag: 8219006489259720894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 17:47:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C7E6 0
0 61ms
61ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJkYlNI2RYrvvI9qA7gOPnL3QBpyIyodir6-areIL6_u4reYkEAEglZvKIWCVgoCAsAegAbzhnfQDyAEDqQITkAcMUAKyPuACAKgDAcgDyQSqBIACT9C1llG_0MTzNOZsHkvhfzuoCDkfEU67Ph6yr40M2_NnjYeRdYIgFlCRAUos3l11bfqkXCETemCU84SUoCWfVGoKdaEd7kUcASd3SMacqJxaFEPhtdSjbW-A1_4a5p7iLXM_0qcS3U1NSCNVlz63044WM5jk4hXrtFFR9G97QGe2UyKmyFyyQyTTQSV0b3BZKY_0Bdsd_fEQhr2CHbD3n-FK9MQPBxnn0Kt9zVlrNtUgYEBwshABEl4gVrhk5waX2nZVNWLb9QWQwhVap0Mk_Ea1eNbvIKz9I4f_XXEvBAk4uVJ23NdlDohw1rgLgT-aGvdscR5l9JF6kXpYwt4hnMAEu4TZ5oMD4AQBoAYDgAesnuILqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5_IP0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=WfJPPRJ3DgQ&uach_m=[UACH]
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 0D38 400 B
631 B 78ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3A09 557 B
351 B 74ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 3A09 2 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
server: cafe
etag: 10137335727447750368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:45:25 GMT

GET
H3 404 icon.png
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 3A09 2 KB
2 KB 29ms
29ms Image
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 3A09 27 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:45:38 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 3A09 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:06:21 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 3A09 25 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:22:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A09 0
0 74ms
28ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoARUcPtivC8OtHgj-iXxxR1UM28DBtI5gnuQ4RPYlgTT57IzromDNkt9ZhuJ0P86CS_Vlljyp2Hbo-rtKL6_K3wiRgg
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A09 136 KB
136 KB 109ms
91ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H2 200 1387aee29eba15ac93df7e973bb6437e.js Show response
www.gstatic.com/mysidia/ Frame 3A09 41 KB
16 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1387aee29eba15ac93df7e973bb6437e.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3bd12556f149270f4d482e9b8e5193945a23b3479d11c6f5679023b874a5715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 26 May 2022 00:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15914
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 00:19:34 GMT

GET
H3 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 0D38 27 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6100369234d25286a631cd31a426c776e1a9c310721f488474968b46cb1f859f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10882
x-xss-protection: 0
server: cafe
etag: 13468916648900861594
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:31:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D38 205 B
294 B 71ms
23ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:12:47 GMT
x-content-type-options: nosniff
age: 5670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 May 2023 01:12:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D38 604 B
1 KB 70ms
22ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:08:54 GMT
x-content-type-options: nosniff
age: 2303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 May 2023 02:08:54 GMT

GET
H3 404 icon.png
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 7E66 2 KB
2 KB 29ms
29ms Image
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 7E66 27 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:45:38 GMT

GET
H3 200 1855386630868992114
tpc.googlesyndication.com/simgad/ Frame 7E66 105 KB
105 KB 23ms
23ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855386630868992114?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnHUMiroIKq5lm5E-tTc9_O1qGFjw

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

178fd25a165892e41108f547a0386f1b4442262b632552a36d566bc43c442394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 26 May 2022 01:08:03 GMT
x-content-type-options: nosniff
age: 178754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107738
x-xss-protection: 0
last-modified: Tue, 24 May 2022 12:34:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 May 2023 01:08:03 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E66 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:06:21 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E66 25 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:22:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E66 0
0 64ms
28ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRy4CUtva96_pKdZejAWlg8eCHccPMLm_YDlbBpdXysiuESRqzImPyNBs2dRRdfcrYk6UiPrzddTMF3btHrDe8DjXC3bA
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E66 136 KB
136 KB 91ms
81ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E66 41 KB
16 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 17:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15882
x-xss-protection: 0
server: cafe
etag: 8219006489259720894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 17:47:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7E66 0
0 68ms
67ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl_RENI2RYtGkJdCJ7gOPl5BY8Y63pWqpoM-BphDa-8Lzkg4QASCVm8ohYJWCgICwB6ABnK_7qALIAQLgAgCoAwHIA8kEqgTxAU_QSNNYmjUOcsehYBzaNqHlmA6z10coGoEz-UNUl7yIMPH_vinw9DU2tEW9z3jgVGKTdEPS3UA7oSi5aDD4rFnFM2FILFV2VhKZ_X0J-auOAxPKwihj96FObMbirlUxQn4xKLqvh1PnHtE_XHQlI-aKn-6anf333cmnKZ51D1GtWF1Di1GfKXbfrKojEeMyTC0pvwgG7VFJ24WBxGXSqZdDeyCPAAxOO78HLkPaSYSEaaOU7nlitjTIo9Gl8504hlVhFSf6Y3EbqUGzBkwSWRiUjhRCV8a50-UA2sBk3p7kJAi6oN83oot0D_Wri7bbc6_ABNa418f5A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMD8E9IICQiI4YAQEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=PkmsNvW4frE&uach_m=[UACH]
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 404 icon.png
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 7E6C 2 KB
2 KB 32ms
31ms Image
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 7E6C 27 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:45:38 GMT

GET
H3 200 15166378328361704974
tpc.googlesyndication.com/daca_images/simgad/ Frame 7E6C 82 KB
82 KB 32ms
32ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15166378328361704974

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9c2dcb27a3cc6b24a9df1dff3b6222ec07f3a7e024bf1d5acbc27957188f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 26 May 2022 01:10:00 GMT
x-content-type-options: nosniff
age: 178637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83966
x-xss-protection: 0
last-modified: Wed, 04 May 2022 14:30:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 May 2023 01:10:00 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E6C 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:06:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E6C 136 KB
136 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E6C 25 KB
10 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:22:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E6C 0
0 57ms
28ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2nglaKQ1rvlvcXGuYsYQn7JqcyAzYqL8A03r9PYNYDVn2p_pQ0VNZv-AEXK2nrmfAS-AgUIwJn831nZ8df7J3gKdniw
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 7E6C 41 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 17:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15882
x-xss-protection: 0
server: cafe
etag: 8219006489259720894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 17:47:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7E6C 0
0 65ms
64ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CenKkNI2RYpHSJJDl7gPcs5LQC921xKZqjdiGr-sP2dkeEAEglZvKIWCVgoCAsAegAZyv-6gCyAEC4AIAqAMByAPJBKoE8QFP0EL0ayNNFTxiyFPlGPmmUCcvFpp8FgEoCC1JZgxQdpIkDfJ-TFdIbBGQEapgxEUO4cVpAlXSitMZjAAis7_G9Vk6Dj7XLsr7OL-rPLhMVmb75ot9ILxmqFHjZJl7QbKS69-uyi7kBENdnM411Ycdm5Wpu8xppem4sRBGYHVrcn16PiNpjhZVz1n0diAMw2bsNJDDeOWpnVr9aicPMDk6Hp5B2VnxOQO4Ah_MUO8SFZ1fvz2DuI615N_IdTF8sMaXak8cwDNZ5wLcHB5lrmqUKHvO3KadwIVme7IncXPMjQ5J-7wi1yq176Kswr-Kb7_JwASuxISJggTgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDW2hbSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=x9q8JOkxeS4&uach_m=[UACH]
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 71ms
21ms XHR
text/plain 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mobilesafe.shop/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mobilesafe.shop
date: Sat, 28 May 2022 02:47:17 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB40 143 B
163 B 67ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 93
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C817 143 B
163 B 52ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 93
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9B9 143 B
163 B 37ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 93
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BBF 143 B
163 B 34ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 93
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CA0 0
9 B 20ms
19ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ExU6eA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C817
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

38ms
37ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
expires: Sat, 28 May 2022 02:47:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BBF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
43ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
expires: Sat, 28 May 2022 02:47:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

44ms
44ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
expires: Sat, 28 May 2022 02:47:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

53ms
53ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
expires: Sat, 28 May 2022 02:47:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8202 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:05:49 GMT

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 02CB 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:05:49 GMT

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame DAFE 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:05:49 GMT

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D76 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:05:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052401&jk=735616566856779&bg=!IyClIGTNAAao8wy8iPM7ACkAdvg8Wk9DM4ZvqJ_3bI10rhDgmlc3_bC6iDyReDr0s8HC_cgOAg3x9QIAAACQUgAAAAJoAQcKAHorvaSHhp7aZm9fYW1gvx5_YlCNjoAWXCbLTmoX9k50qcARKkx59AAR8oZHHEZczHOmjx1oAgQgouhfzJU3E5Xw02X9kLHIAqYPHwLC2ZS_6d5VVF44hGQNhJBDyftczlqLWhCqRhRAa9gc4vxQS881Jmu2PgCzh8UUtZkCjmBrYUw2hCuYcN7NPPqPzWZC4yuen1_CEe8cEK7u68BJtvUO-gE6mLCXdVe57FRlCjRANxHvc3VvbByTSZv50-ydbBr0Qec78Ttjvcarqom_iWui0drBNUDpscwWQgrdvj_PwxFp5PHJPs7u9iFrNbqHF94balnqemuHFQUUtFp-xxD69a_2LWniKxNk0jb1a1ByrNnjg97oPJoUUtWjfJqLJ5sZAzVaXFUo2AB5gOeVflfB5BL00yMtTqiW6C52Y3qoKLfvkJrasQD0__GSnJnNpJ94GHjrIu3GGVnNb01IUy6TvJrKj0b7-y4_yYIq_so6ki2WXuqgvqeHGJoS04ekvTtB0IYIW68yxR4vw_9ojT-IthAnZTlDklJqrdbGDUWoGYjg8LVZA9lM9ZHIpok5msZaDY_SHSXqcjuBi_JzIrHjwJ5nciDEhT5bPok_L1y71R4DiHwxLkiOteswhcDAbFKAGTxbMYmWkZxXLnxIsY8n651rNyVoj_CgKHLQF1qm5zZe6qDkz_1QtmHlxEZVWXQSjfj8J5otKj8kAB_5rbdh48cbzjg1bNw4HxtD0ChEcisYbpHEaHEfsWaIyp1Q2LLZ2SSGgXqMzLA2f2eenVsGZlGmdHqFdvjp51IeCEWb0J3BcL_NBXgQZO_19K1y87NFmw_TW4npkcaGIaZ3gnsfaSVuPIQGK-o7oagwHDT_yS0FKEe3yIvEnX4Nwc5fLN-lBjvj5ULpdxvYaARx1nEa3_ySYrs-zXrIlavhWKlzC64joNcovszIeICy4FB4BZZdFiNWDFerI20igy6-IiE5KJ8ZW2jQufqybrRJgy13WJ9ZmX82g4A4OxFdcOSSTtGn812R1mpFO7Rtqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 container.html Show response
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0657 6 KB
6 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js?cb=31067787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:16 GMT
expires: Sun, 28 May 2023 02:47:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_sq&sy=7b78374d-2c83-4db0-822f-72f207e8a4e7&ts=88&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dee1ddc0-c0d6-4f60-a6b1-b26125372c63&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:17 GMT
cf-cache-status: HIT
age: 122473
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa30cf6f9b9e-FRA

GET
H2 200 / Show response
track.seadform.net/adfscript/ Frame 6CEB 1 KB
2 KB 140ms
41ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfscript/?bn=39127511;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Clqq8NI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9wFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVCTMm5yS9ycvx_cLtKnjjxDHAXPf7sBdRyYaKYWeOYKhTzx4mZRgkGW3Ns7aCwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAG4DAHYEwPQFQH4FgGAFwE&num=1&sig=AOD64_1I4GbF0gDX4YFb-S65fOrEGjJEuw&client=ca-pub-3831894559014614&adurl=

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa75fae693d80c8080491855c840280c8ddff9af2ea4bf557fda25b9017e63b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1308
expires: -1

GET
H3 200 m_js_controller.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 6CEB 46 KB
17 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/m_js_controller.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

275210c5abf2c364d73c8f6c630bb2c60b291c477d25838e9f24bccabd87aa95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17348
x-xss-protection: 0
server: cafe
etag: 773547890430479932
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:25:12 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 6CEB 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:06:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CEB 136 KB
136 KB 73ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:17 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 6CEB 25 KB
10 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:22:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6CEB 0
0 29ms
28ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi7bBwkRxKAsOA-ngaZxkIUr87msO1pkUG9PUxw6d3o5nKb3dakOFn9iQGgLnnfCUSY7MXDSbmiwBHdrIe18i1vPB0Sg
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 404 icon.png
42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 6CEB 2 KB
2 KB 30ms
29ms Image
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 6CEB 27 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:45:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6CEB 0
0 61ms
60ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1eNzNI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9AFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVSzEHded0fY8ISbIt1xEpEQDbVlrxng-kHmPjq7gScYRLDvKKIeEQh7BHwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCpqQ_SCAkIiOGAEBABGB2ACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=wgvKJDex7rY&uach_m=[UACH]
Requested by: Host: 42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 bootstrap.js Show response
s1.seadform.net/stoat/626/s1.seadform.net/ Frame 6CEB 33 KB
16 KB 240ms
33ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Requested by: Host: track.seadform.net
URL: https://track.seadform.net/adfscript/?bn=39127511;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Clqq8NI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9wFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVCTMm5yS9ycvx_cLtKnjjxDHAXPf7sBdRyYaKYWeOYKhTzx4mZRgkGW3Ns7aCwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAG4DAHYEwPQFQH4FgGAFwE&num=1&sig=AOD64_1I4GbF0gDX4YFb-S65fOrEGjJEuw&client=ca-pub-3831894559014614&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b8cd204d34443045e29605278f67cc29cc78de6a035d140e01417cf2afc7320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 29 May 2022 06:32:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E6C 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAiBRhVjHc2ndgbgFNwG7ITHPQjJUvp9-ymJbwIBvhqZjZqm7JK2PMg2bKtuQW54XIF8uEyPeQoV8EeGao0xAmU5U08SCz7x-76LfvjcsanR6WGfADJBPSygIZ&sai=AMfl-YTFWrClGjw6zLI7-Oud9ldwT4E_ladzcjw8GMwWjJwJGL6owQxYnkD8vneBxTGvhj_LjOSLP8cSOv70kTJ-BUfLLtkPSx5pp4SYxzOKNQadlolAIpt5DSygFkZer-0&sig=Cg0ArKJSzLZoC4qn-UDpEAE&id=lidar2&mcvt=1000&p=239,288,503,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1308350473&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706036918&rpt=240&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C7E6 0
0 56ms
55ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-qmrNI2RYrvvI9qA7gOPnL3QBpyIyodir6-areIL6_u4reYkEAEglZvKIWCVgoCAsAegAbzhnfQDyAEDqQITkAcMUAKyPuACAKgDAaoEgAJP0LWWUb_QxPM05mweS-F_O6gIOR8RTrs-HrKvjQzb82eNh5F1giAWUJEBSizeXXVt-qRcIRN6YJTzhJSgJZ9Uagp1oR3uRRwBJ3dIxpyonFoUQ-G11KNtb4DX_hrmnuItcz_SpxLdTU1II1WXPrfTjhYzmOTiFeu0UVH0b3tAZ7ZTIqbIXLJDJNNBJXRvcFkpj_QF2x398RCGvYIdsPef4Ur0xA8HGefQq33NWWs21SBgQHCyEAESXiBWuGTnBpfadlU1Ytv1BZDCFVqnQyT8RrV41u8grP0jh_9dcS8ECTi5Unbc12UOiHDWuAuBP5oa92xxHmX0kXqReljC3iGcwAS7hNnmgwPgBAGgBgOAB6ye4guoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDn8g_SCAkIiOGAEBABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=cHF_FvHQBNw&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7E6 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBlwTJqUPsFtA_TkB_r07zzNPaLqgMTeLC05Pre-rq1A8s0VU4NNqVK54aMLAe5XbkHQLqvGQ9mHbbXEUk9zisaBSJ70LsmD-pb1gUGhnGyfUv8bhk8q5N2O2K6QWF6KXml6ZpCVUbpw3M6ui8EGu9&sai=AMfl-YQaPORna-oUM3eSXKD_EqFLLyWuAjnswr0qTz_GhaK1PqOG-479bO_AQoMXCqrdNpHkuUpKriJVA8p1No8pyvtSUz8CweKjlh9igffvKqQCXjXdnBKq0Iftk3DcUI4&sig=Cg0ArKJSzJ_SXMCm-kIOEAE&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3551285455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653706036854&rpt=291&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E66 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstql_5RcSpbQzG9fkGy2nk23nA70HEEnzJdOkiiy_WUJBBEaNC1ViUzJsRwxdMf4132U_y79ioO23KG-6MrRFIm396beLOuT16i-XHCDtnIaS7Q12n15fD9mZUB&sai=AMfl-YRBdXNhfE3lTuF9Pxbod_LOUUYrCWARxSe6k7Nw_w1HtBG_olLPL4G9rIwTa_iYwxG_4pnaCZMWOZCw_I5MlZL32MUsN1jKfjbzZJ08G_XhCmEzudck-BRu3WGx1HI&sig=Cg0ArKJSzMifxit9VwhdEAE&id=lidar2&mcvt=1005&p=699,288,963,1312&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1517400100&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706036907&rpt=260&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.seadform.net/adfserve/ Frame 6CEB 8 KB
4 KB 43ms
42ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?CC=1&bn=39127511;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Clqq8NI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9wFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVCTMm5yS9ycvx_cLtKnjjxDHAXPf7sBdRyYaKYWeOYKhTzx4mZRgkGW3Ns7aCwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAG4DAHYEwPQFQH4FgGAFwE&num=1&sig=AOD64_1I4GbF0gDX4YFb-S65fOrEGjJEuw&client=ca-pub-3831894559014614&adurl=;js=1;adfxid=1x;6751;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fmobilesafe.shop

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

07400672418ccd0dc54b40a17bb670354ef54e7aa5bcea8d76ea6a7224c63ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3736
expires: -1

GET
H2 200 Standard Show response
s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.220/e/2gQBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 6CEB 90 KB
39 KB 55ms
54ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.220/e/2gQBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5d7d1539a987f98302973ede727da3e6044d7c2c9b827d2f01e8ebb6cef18756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 29 May 2022 06:33:58 GMT

POST
H2 200 /
track.seadform.net/csimpr/ Frame 6CEB 35 B
503 B 41ms
41ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/csimpr/?bn=39127511&csi=cVzNkhDda11b0AKtE_0JqfIc8IexIVRy1QOmmTqyUkzbNUjYKkRX5kzbbh_bv4zHPDDq4nUo5vf_IKe1ay5SVLyOpNDfIsLF0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 8154594.js Show response
s1.seadform.net/Banners/Elements/Files/33069/8154594/ Frame 2B64 13 KB
5 KB 34ms
34ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.seadform.net/Banners/Elements/Files/33069/8154594/8154594.js?ADFassetID=8154594&bv=1542

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/cysfgmbgmnoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

731fa3d6dcc73971dbb4c6c49223076a744d3e8eab66f86ce1ab83dd45cfa0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 08:26:06 GMT
server: nginx
etag: W/"5ffeae9e-3272"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.seadform.net/banners/scripts/rmb/ Frame 2B64 30 KB
13 KB 36ms
36ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.220/e/2gQBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 index_8bd1cd474465b6c94fd0.js Show response
s1.seadform.net/Banners/Elements/Files/33069/8154594/bvpath_1542/ Frame 2B64 22 KB
9 KB 39ms
38ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.seadform.net/Banners/Elements/Files/33069/8154594/bvpath_1542/index_8bd1cd474465b6c94fd0.js

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.220/e/2gQBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

380071f7bce78fce7dea7acb9d2c465584295889205c26c5be3ed55d1d60e71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 08:26:05 GMT
server: nginx
etag: W/"5ffeae9d-5734"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
DATA 200
OK truncated
/ Frame 2B64 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94851f470921dead8767d5d7ad0249b722ae03fbf5a3810c472a3e608ebc249f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2B64 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4126dfd320a683caf3dec4d47ae01c9a4c613572357f295629812574cd8d2b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2B64 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51b64d295549b8ec4848952b647a9093299133bef0900736ec931e682fd8d471

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 2B64 422 B
241 B 75ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/Banners/Elements/Files/33069/8154594/bvpath_1542/index_8bd1cd474465b6c94fd0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

775c6b054e9dfb7b6e575cec42e0511e35e4f72b50c20a8db13e3340ed3f292e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:18 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rm.ttf
fonts.gstatic.com/s/robotoslab/v23/ Frame 2B64 24 KB
16 KB 80ms
28ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v23/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rm.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4edf3fb1a98adde7b4713e6be7c1d8a42f4d43025598ded006f759506aee921f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 22:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16479
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:25:08 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rm.ttf
fonts.gstatic.com/s/robotoslab/v23/ Frame 2B64 24 KB
17 KB 71ms
22ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v23/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rm.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f01926625261ae39df20693e9b6376e368e1aa2efae6ef82e5ef7536a3145e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16385
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:54:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 00:42:45 GMT

GET
H2 200 / Show response
track.seadform.net/dco/recommendations/ Frame 2B64 19 KB
4 KB 46ms
46ms Script
application/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/dco/recommendations/?aid=33069&tid=29614&tv=1&icid=-1388959162741256819&eid=376064&rotseqno=1&smid=0&dco=2&bnrid=39978029&intid=2487045963470235809&geo=7597,10528,276&bn=39127511&gcnt=100&pgsz=100&format=json&callback=adform_com_399qma6et9k

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

76bef9d54d6a72afa60d2c5be88321418ea12cc78f1877bf72fd49df9a79bed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

correlationid: 99b3936a-afe8-4e4a-aecd-1577f5e984fc
date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-origin: dcotar003prpjay
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
content-length: 3380

GET
H2 200 index.html Show response
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 68 KB
19 KB 37ms
37ms Document
text/html 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/Banners/Elements/Files/33069/8154594/bvpath_1542/index_8bd1cd474465b6c94fd0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f4539a8beee839419432eb82f98d9697036082de4bf72e79f33b476f25a49c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public max-age=604800
content-encoding: gzip
content-type: text/html
date: Sat, 28 May 2022 02:47:18 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server: nginx
strict-transport-security: max-age=0
x-cache-status: HIT

GET
DATA 200
OK truncated
/ Frame 2B64 317 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6346751e116b40fb8db7f3278b30134f7c2919f756e80ba9c9685eddf3f0b34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2B64 441 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c095d4371c86e3700e1bb3803eb2f7a8e8d1a7989f227592c60a01d8a4b501f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 8AC8 134 KB
46 KB 91ms
22ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 May 2022 02:48:05 GMT

GET
H2 200 table_accessory_01.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 15 KB
6 KB 36ms
35ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_01.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

51e30c6e62c729de93623201584cbe1cc5ce244804dd960d5bfe48edbe0eba43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-3ba8"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table_accessory_06.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 6 KB
3 KB 37ms
36ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_06.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e15f1ce4c5a536851199e7d53cdf79739e8dc8c4e0229f3f295e1d78b7a96d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-17f7"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table_accessory_04.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 38 KB
14 KB 40ms
39ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_04.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9f30391af8d5e604fe7a08f7e964d3c25b537b7b6bd73154fde10f170a466027

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-9870"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table_accessory_02.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 2 KB
1 KB 41ms
40ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_02.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ec897bd0a8a7001491bb7aa62f82a1de94db53bc38024de7e21de4765db2a59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-63a"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table_accessory_05.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 26 KB
12 KB 44ms
43ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_05.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0df42c510ab2e6567be986e1662db90dfc783ea310574872c11454a9220e5a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-6853"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 35 KB
8 KB 46ms
45ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0308e01b00cd4b7a4a0f399dd3890e53eea2e5df54e89f1e8f1d5a16519c5e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-8a2a"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H2 200 table_accessory_03.svg
s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/ Frame 8AC8 7 KB
3 KB 47ms
47ms Image
image/svg+xml 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/table_accessory_03.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

01675fbb2b3089f6da63123be783c8f60c54dc042bc4b8a6e80b7958b0a6fce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.seadform.net/banners/elements/files/171352/8159148//01_Audio_Professional/728x90/02_Animation/2005_Job_Automation_Banner_Audio_Professional_728x90/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 11:54:59 GMT
server: nginx
etag: W/"5ece5513-1b12"
x-cache-status: HIT
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=0
content-type: image/svg+xml

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6CEB 0
0 57ms
57ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1eNzNI2RYonnJITk-gaC74HYD_3J6f9gmobTpt8L_6b5-7obEAEglZvKIWCVgoCAsAegAaXgjNwDyAEJqQITkAcMUAKyPuACAKgDAaoE9AFP0LCyKtKsHLXoUWD7HsNHXMR3lHrKu9eb6GfGlXEZ0g6gxIfCyo15_njyE8_q5pGJCk8t8DpznA43JGTFicVQIX7iK5sP5YAOmqndoDKeq7Pknx9oJWyFsOP-USgr1bObMcwSY3VW9P8-ethOAtU9efhQTLkhNdCQDwcuCKFmOBoVUv6E9Bvtq82i16HyEK3xQSYjk5W1irAoMEtqiZLCUHA8ZDQX8AmhbAfMV4zsiAHUZudJC3WPDMAGqoS3gWFr35SnevcLb_TVSzEHded0fY8ISbIt1xEpEQDbVlrxng-kHmPjq7gScYRLDvKKIeEQh7BHwAT74u2imwPgBAGgBhGAB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCpqQ_SCAkIiOGAEBABGB2ACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=wgvKJDex7rY&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CEB 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlHRTYNxL_fMaJHGZMLtomZqHXcfEs4p1KW2F7TTTHs2ZUWPFziCIaZYvLq77QxQMrRhUmVDOZCK-uYT6rq67sOsCUuqzlq8JhmYQ0iDFuOgAWbtqQs-8W0rym&sai=AMfl-YTZD0KGrp1CQ2Z-_ZhxnEHONd8F_3uCsxDOgnb38NG-QRtpJtWe1JkfaBTc2poiVpJxArWPJzlb6-1GFTvHeHonWQABX09L4xctGXODHITEC26mBeT4DLJGo4R6uXs&sig=Cg0ArKJSzJmgjqbm9_G5EAE&id=lidar2&mcvt=1000&p=1011,288,1101,1016&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2391326013&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653706037903&rpt=491&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.seadform.net/serving/unload/ Frame 6CEB 35 B
503 B 41ms
41ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/serving/unload/?version=15&unload=-1388959162741256819@@39127511,2487045963470235809,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|7Nzufcq6Ln6jXuUM8tfH4oWwPz-Dzxh0pow_bbASUvRyGBxNQhrp1wJ1gDRGwv2I0|||11||0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elementalantecedent.com
URL: https://elementalantecedent.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.com/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.com/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Sat May 28 2022 02:48:15 GMT+0000 (GMT), path=/
freychang.fun/	1970-01-20 12:00:10	Name: csu Value: 1511033550568000@1@1653706035
live.demand.supply/	1970-01-20 20:52:58	Name: demandSupplyTi Value: dee1ddc0-c0d6-4f60-a6b1-b26125372c63
.mobilesafe.shop/	1970-01-20 20:52:58	Name: _ga Value: GA1.2.1008871789.1653706036
.mobilesafe.shop/	1970-01-20 03:23:12	Name: _gid Value: GA1.2.1263290393.1653706036
.mobilesafe.shop/	1970-01-20 03:21:46	Name: _gat_gtag_UA_126662314_1 Value: 1
.doubleclick.net/	1970-01-20 12:43:22	Name: IDE Value: AHWqTUn_2o3kEswFWCXv2n85OUtQGWriMUXcsN-RyAREprGTRBoZQCYO0dxG4LJIxlA
.doubleclick.net/	1970-01-20 03:21:46	Name: test_cookie Value: CheckForPermission
.mobilesafe.shop/	1970-01-20 12:43:22	Name: __gads Value: ID=44b107d8b041197e-22331113a1cd0035:T=1653706036:S=ALNI_MbPCIVrUHZ-POsbqiltW2Fg779Vlg

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-318303980%3A1653706035454282&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczOOqTrIAjyfdemvaA66KdgjBLkBNF34_8eSTqTzwGNo3i300jnXVkP-gR-8CFZg38-DNJcxg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1710847194%3A1653706035497596&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwzoQ6AcKN_DTfCGkaw1Nk109abSq4X1i4zRfXuKglf2xqmQoMdXs2ntcNbtwarlJ65jdiJtQ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42be3e5c2f7b1d4505cb70b99b20cf57.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
api.demand.supply
cdn.id5-sync.com
certify-js.alexametrics.com
connect.facebook.net
d26adrx9c3n0mq.cloudfront.net
denknowled.xyz
dinterperson.xyz
elementalantecedent.com
file-upload.site
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
id5-sync.com
images.dmca.com
live.demand.supply
mobilesafe.shop
pagead2.googlesyndication.com
s0.2mdn.net
s1.seadform.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
track.seadform.net
www.facebook.com
www.file-upload.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
elementalantecedent.com
www.file-upload.com
141.95.98.70
142.250.185.194
151.139.242.29
18.66.248.38
18.66.248.92
188.114.96.3
2600:9000:214f:8c00:b:b271:7c80:21
2606:4700:3030::6815:2dcf
2606:4700::6810:8616
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:80f::200d
2a00:1450:4001:810::2008
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
37.157.5.142
37.157.6.235
46.105.202.126
66.29.132.14
01675fbb2b3089f6da63123be783c8f60c54dc042bc4b8a6e80b7958b0a6fce2
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
0308e01b00cd4b7a4a0f399dd3890e53eea2e5df54e89f1e8f1d5a16519c5e7c
03e4f6456a5e609ea90973406ba52639ff7c5831dd77939dfc3181f98c25ab28
07400672418ccd0dc54b40a17bb670354ef54e7aa5bcea8d76ea6a7224c63ed8
07c7fe4775ba63bcb9e9061845bba51d1412d6a360864eea56af4e3d3ef7e1fc
0b8cd204d34443045e29605278f67cc29cc78de6a035d140e01417cf2afc7320
0df42c510ab2e6567be986e1662db90dfc783ea310574872c11454a9220e5a58
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
178fd25a165892e41108f547a0386f1b4442262b632552a36d566bc43c442394
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1bb40c827ea03ddd8bf312946ffde2a56522158948c4160d2b416088c1e53ecd
1c5f78fe8666aca23d1081848a3c6f4862e5e4804bb000b57f45cf4eac46bbc3
1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d
275210c5abf2c364d73c8f6c630bb2c60b291c477d25838e9f24bccabd87aa95
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
29140ac5ff8abb0490dd46ff2b018ff1cf1c12ef76189a338b3172c96b020134
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd
3674a25aceac2bbf4b658d32fd95afa91939e44a5e009d3589a971f3b6b104a4
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
380071f7bce78fce7dea7acb9d2c465584295889205c26c5be3ed55d1d60e71b
3cbed9c42867aab27f0d6b22620506f8101b0702d6aba6a0d6a80034491a9323
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
40ef28da982b6499bbe13069210967e69b083f6d8cb9182c8c6025e1e332d4f3
4126dfd320a683caf3dec4d47ae01c9a4c613572357f295629812574cd8d2b6d
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487
46c201a7855b546e1d1867e48d8e9b691deadd150249f022a7761c7a526edea6
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47fc2aaa0e149108bb772913151807fcefa62caa151cc56e69e873e818dcfe08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e
4edf3fb1a98adde7b4713e6be7c1d8a42f4d43025598ded006f759506aee921f
51b64d295549b8ec4848952b647a9093299133bef0900736ec931e682fd8d471
51e30c6e62c729de93623201584cbe1cc5ce244804dd960d5bfe48edbe0eba43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ca4e40dd07faf3338fca2cfbf73dae5364158c2761f96542c055808855efcc
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7d1539a987f98302973ede727da3e6044d7c2c9b827d2f01e8ebb6cef18756
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6100369234d25286a631cd31a426c776e1a9c310721f488474968b46cb1f859f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d
62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c095d4371c86e3700e1bb3803eb2f7a8e8d1a7989f227592c60a01d8a4b501f
72e28adbc31e083e1608da9f0892ee74e93d32ddd88cd4092e530f90deb2f79d
731fa3d6dcc73971dbb4c6c49223076a744d3e8eab66f86ce1ab83dd45cfa0bb
766988f34b6e6246d3787771b65015d12c084bd4b2a4103e0afd8de8d8122f6e
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
76bef9d54d6a72afa60d2c5be88321418ea12cc78f1877bf72fd49df9a79bed7
775c6b054e9dfb7b6e575cec42e0511e35e4f72b50c20a8db13e3340ed3f292e
8062e6683074c3616dd20a7d19ce46807f75b5efed59c3d4ff575cffd0e5334b
8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aead2a33a2fadd7deb6b4c0cd31756073b30cc5aae342be2ab35cfaa78e54bf
8e8c01f811f1e170d7b8fd4fea3d3efa0bfda76d6d22e82e24b8f0b6b9aa7dd8
94851f470921dead8767d5d7ad0249b722ae03fbf5a3810c472a3e608ebc249f
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9f30391af8d5e604fe7a08f7e964d3c25b537b7b6bd73154fde10f170a466027
9fe6bb3dd027c582b085913d80f92b54e4ea46aa965299130db079412ee4b421
a0854051280a3150d292867b602f37bd22bc38419f49eace29f36885b66e62f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f
a3bd12556f149270f4d482e9b8e5193945a23b3479d11c6f5679023b874a5715
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b18a5600cbac4d12a8c2cbb8765b218a3c91d731f17d48f47cf524321f00c0
a6346751e116b40fb8db7f3278b30134f7c2919f756e80ba9c9685eddf3f0b34
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
a9281e7f5391093df5f4a3cb883df5adc6959f776266b2ffa035d54eaf09623a
aa75fae693d80c8080491855c840280c8ddff9af2ea4bf557fda25b9017e63b3
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd
b2b74b8ef2169c0107a81a1c68d5ec60b708207ab691895c2463fb63809e4091
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3
c7288224b67a8f3fd309ff8999a67d21ab078b16acede73ecc55811e8697191e
c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
cb8b82da7544cef39e0c26856aa8684288882fb0210ba1f6612aee437564a8bc
d9c2dcb27a3cc6b24a9df1dff3b6222ec07f3a7e024bf1d5acbc27957188f6d1
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
e0a34e538cf2787905eefed5f6029bc659febecf7f4fdddd42ae76d2570f3b36
e15f1ce4c5a536851199e7d53cdf79739e8dc8c4e0229f3f295e1d78b7a96d60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e31b23d067eee3becae410e0f0d97a07b673744735a0a85adb70f69d325cc0
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
ec897bd0a8a7001491bb7aa62f82a1de94db53bc38024de7e21de4765db2a59d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01926625261ae39df20693e9b6376e368e1aa2efae6ef82e5ef7536a3145e13
f4539a8beee839419432eb82f98d9697036082de4bf72e79f33b476f25a49c63
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

mobilesafe.shop Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

97 %HTTPS

69 %IPv6

25 Domains

35 Subdomains

33 IPs

5 Countries

3331 kBTransfer

6543 kBSize

10 Cookies

31 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

97 %
HTTPS

69 %
IPv6

25
Domains

35
Subdomains

33
IPs

5
Countries

3331 kB
Transfer

6543 kB
Size

10
Cookies

200 HTTP transactions
7 data transactions