mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/mm6g5j4iuisi
Effective URL:
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Submission Tags: phishing
Submission: On May 28 via api (May 28th 2022, 2:47:25 am UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 25 domains to perform 206 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mobilesafe.shop.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2022. Valid for: a year.

This is the only time mobilesafe.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:214... 2600:9000:214f:5000:b:b271:7c80:21	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
6	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.156.46.17 108.156.46.17	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
22	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.4.90 99.86.4.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
4 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:b60... 2a02:26f0:b600:182::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	213.254.244.105 213.254.244.105	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
206	35

21 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:5000:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)

d26adrx9c3n0mq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

elementalantecedent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.46.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-46-17.lhr50.r.cloudfront.net

denknowled.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dinterperson.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

mobilesafe.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-90.fra6.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:b600:182::4469 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.105 (Surbiton, United Kingdom)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	573 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	388 KB
23	demand.supply live.demand.supply — Cisco Umbrella Rank: 31898 api.demand.supply — Cisco Umbrella Rank: 59939	37 KB
21	file-upload.com www.file-upload.com — Cisco Umbrella Rank: 556615	550 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	261 KB
13	google.com 5 redirects accounts.google.com — Cisco Umbrella Rank: 78 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	77 KB
6	freychang.fun freychang.fun — Cisco Umbrella Rank: 24503	303 KB
6	cloudfront.net d26adrx9c3n0mq.cloudfront.net	210 KB
5	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 428 tps.doubleverify.com — Cisco Umbrella Rank: 440 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9987	104 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	683 KB
5	dinterperson.xyz dinterperson.xyz — Cisco Umbrella Rank: 22082	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286 www.google-analytics.com — Cisco Umbrella Rank: 35	37 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	168 KB
3	denknowled.xyz denknowled.xyz	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1452 id5-sync.com — Cisco Umbrella Rank: 600	12 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 11613	9 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8526	795 B
1	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 8253	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
1	mobilesafe.shop mobilesafe.shop	6 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	elementalantecedent.com elementalantecedent.com	640 B
0	file-upload.site Failed file-upload.site Failed
206	25

	Domain	Requested by
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.file-upload.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
22	live.demand.supply	mobilesafe.shop live.demand.supply client
21	www.file-upload.com	www.file-upload.com mobilesafe.shop
17	s0.2mdn.net	www.file-upload.com s0.2mdn.net
15	pagead2.googlesyndication.com	live.demand.supply securepubads.g.doubleclick.net tpc.googlesyndication.com www.file-upload.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com www.googletagservices.com
14	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com www.googletagservices.com
11	be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net www.file-upload.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
9	www.google.com	4 redirects tpc.googlesyndication.com www.file-upload.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
6	freychang.fun	d26adrx9c3n0mq.cloudfront.net
6	d26adrx9c3n0mq.cloudfront.net	www.file-upload.com d26adrx9c3n0mq.cloudfront.net
5	www.googletagservices.com	www.file-upload.com be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
5	dinterperson.xyz	www.file-upload.com d26adrx9c3n0mq.cloudfront.net
4	www.gstatic.com	be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
3	fonts.googleapis.com	be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
3	connect.facebook.net	mobilesafe.shop connect.facebook.net
3	accounts.google.com	1 redirects www.file-upload.com
3	denknowled.xyz	d26adrx9c3n0mq.cloudfront.net
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.doubleverify.com	s0.2mdn.net www.file-upload.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	images.dmca.com	www.file-upload.com mobilesafe.shop
1	tps.doubleverify.com	cdn.doubleverify.com
1	id5-sync.com	cdn.id5-sync.com
1	googleads4.g.doubleclick.net	be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	api.demand.supply	live.demand.supply
1	certify-js.alexametrics.com	mobilesafe.shop
1	ssl.google-analytics.com	mobilesafe.shop
1	www.googletagmanager.com	mobilesafe.shop
1	mobilesafe.shop	www.file-upload.com
1	www.facebook.com	www.file-upload.com
1	elementalantecedent.com	www.file-upload.com
0	file-upload.site Failed	www.file-upload.com
206	37

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
elementalantecedent.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
denknowled.xyz Amazon	`2022-05-25` - `2023-06-24`	a year	crt.sh
*.dinterperson.xyz E1	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-06` - `2022-06-04`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
mobilesafe.shop Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-04`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Frame ID: 2AB13AECBE3C448E88348E731F39783D
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: 46C2A04B97CDFB3D5F6D2741B2F04B8E
Requests: 1 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74FC797AD876E16EEFFB569A58C1B6FE
Requests: 1 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A8D1373558C4DCFC3F1C8BDBF2003CF0
Requests: 1 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34F77D98BF97E3D75786286F964DB379
Requests: 15 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C26A38E080F9F852ACEF1F33033830A3
Requests: 5 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C645E3BB8D90C0726A34288991DC9538
Requests: 11 HTTP requests in this frame

Frame: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CA618362646DE7B67A5AD30C1463339
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D43A70FFF51D9426098F5E8B62050C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8CF87B05E075260247362D1722A154F
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Frame ID: CB6F9D993255F9FC86F92AE1853E6EA2
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8C5E6264CEBAED307B2628344162B63D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C7F13DF05C56CA5DE7BF604506189D0F
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
Frame ID: 6490A1D07B75C3D4ED8DC4B7F16FE628
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8EE5B58E3AAC484ADBCAADFE680ECE36
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7F55D7565C4B46E7E6D44252AACCC3F2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A2A5A5273A4C89D6CC7B8B08A2E1E36C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 224C1E49A39817E55FD05754EF7A6AB9
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2767.js
Frame ID: 0CA286F333223A0B8351F4126E49A098
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: CD6C1860699FBB191D30766F75E0391D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: FEC87F774A9E516E20E7BBB13168CC2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: 75C9F10F35A8D70821576136EEB3A4EF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: 119EB4E7740F72D8E34B74EE3C289780
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/mm6g5j4iuisi Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

206
Requests

98 %
HTTPS

68 %
IPv6

25
Domains

37
Subdomains

35
IPs

6
Countries

3467 kB
Transfer

6995 kB
Size

9
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/mm6g5j4iuisi
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://mobilesafe.shop/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/mm6g5j4iuisi Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S789494955%3A1653706038640235&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczgTL4pd9eTkVjBLQ4ZVXAqts64SvWBjK8fsad4KJZ5Kc63UI1vtvhzTJDqq0D8A_j4viRKoQ

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

206 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mm6g5j4iuisi Show response
www.file-upload.com/ 20 KB
7 KB 81ms
56ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907744beb792d619322656bd0a8874bbae50e03e646fd9a9539b758bf3e0a204

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7123aa335f7a90e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:47:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 27 May 2022 02:47:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClbrkVYRiXbEeRUEwzKZAuckHMw2pK7eDgPH9IRnvhSUofXMm5qUd888s1sbYUWMCzcuUP1Km5UvVCbSV0tHLiC%2BkH6XRnixhEj2kD7AxIGzgnEXzwgHSyXDM69IwQ70mc4GS81U"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 app.css
www.file-upload.com/mngez/css/ 247 KB
41 KB 21ms
17ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267210
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvpideUpXM2G1JoWI0UrZS5a8yNG7eFh6koPOrBx%2B6C2amW5QIUCOhgu1lEZN%2Fmz5PBdIezjuiyVibiRbVOizyKPOMFEBFnGKZyQuoYax%2FiuW7hZM67VRtOM0g9yVJaOvCeeg%2BgC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 02 May 2022 21:00:28 GMT
cache-control: public, max-age=31536000
cf-ray: 7123aa33dfde90e0-FRA
cf-bgj: minify

GET
H2 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 77ms
76ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"3aa0d-5b9d6bb49011b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD322B9rhU2fD1oIzP4jhlou2GqTnKpJlDUUoi6z7dUHOhF3Wt%2FV1yc5fESqmaMPUUhlv0kSkH6OwpURcRFPw%2FIpJVXPpc7niRy1H6%2FpHSJrKZYHzdxUzO92nLSc7lkEIKW6x3rO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2692000, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7123aa33dfe290e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 27ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611748
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"c8f-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dEXfCJyHf4ARO%2BoQp4QMWVYoYW%2BMHx%2BM42aINqczR30qUf9I5OUq1EKIjoPrQ5j5tYCw9wc1wvZMc6kp7%2FKRBr3TPGOTkJA%2BGy7KG0EhWRWrFTZX7vhmniVvjuGMWGsn33GxUcx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa3478bf9012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H2 200 / Show response
d26adrx9c3n0mq.cloudfront.net/ 492 KB
158 KB 40ms
12ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2aa4e0589e0d9a540fef953168faf49d1f9340c968e03de4035d2616774ea2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
age: 3
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 161118
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: Rw6uugBA3KDLMJbUoHvxJnl01WpJQ9bZUa4gtqucPYVVCGlWdEIIqw==

GET page.js
file-upload.site/ 0
0

GET
H/1.1 200
OK 01105f188a1c32226733edcb09dd3870.js
elementalantecedent.com/01/10/5f/ 0
640 B 318ms
115ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://elementalantecedent.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Sat, 28 May 2022 02:47:18 GMT
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0
X-Request-ID: 1b2f07d8679f6e8e8a2205fd933efa7f
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
d26adrx9c3n0mq.cloudfront.net/ 163 KB
49 KB 12ms
11ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:15 GMT
content-encoding: gzip
age: 3
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 49634
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: PXiDGATshEO_rzFow3IiWcs4aPXmpqEi5nuG4L8FZPaDmd54Vo_bKQ==

GET
H3 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 14ms
13ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611748
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAh7FSAeNAESXgVIwHsvfIQgxipFGO6rQM1MqwknVfA7QaJazi2yroYCGqpURqHHBGUyVxl2zUatO5mUhVntUl1P%2BnBzpBRM%2BDpJJ5459olAO%2FPPFLqxlXjY2pV9KJXDyJIA5iUA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa3478c09012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H3 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 27ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611748
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "281-57e1cf82658c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BfEhxAuG2eOa8nEcfYDbMjsWwvzdTBoUfDfYyoWTpKY22%2Fxo2s4FC%2BZKr7dnnxzOWBCLMGGqPQxAnu2gIX3xQ1GU6a6eRjEzxSZfozVCfrqNaHDewAqzCFycqpfQ3373SKC9yP6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa3478c19012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 92ms
7ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Mon, 27 Jun 2022 02:47:01 GMT

GET
H3 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 13ms
12ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mm6g5j4iuisi
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611747
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"1363-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZ7bwsCEJIBBRyBSTnR8R46jto%2B61FKdf0CQJUZBkNC2lanZRI7UwMpHe5NWGUXGCTFSiaec8muvscQQPRweoStJVnAIsa2ZpHq5S4gQRArYd5GMiEAGtLJ34sgCss9nOVflAluq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa3478c29012-FRA
expires: Tue, 01 Feb 2022 07:04:51 GMT

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 24ms
24ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611754
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"3aae-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FdiE1LQxieC3zvVZ%2Bdq%2FK0jNKhdBy5medOdBr85VZM3wVR2Jcppy%2BrpuF9Vk%2BD1FSXKydaBu2%2BI3ogyaj2ptO70yL%2Bot2QDgRDN%2FlV%2B0GeQlubfcN7djqrZIAs6jkRu2wSdq8bm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa3488ce9012-FRA
expires: Tue, 01 Feb 2022 07:04:44 GMT

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 28ms
28ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4565
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7904
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ee0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIJf0gw36RqNQw1mI4J3plEFLob5FrEYutu3FI65U8X4IPFm6xmJ0W154xb2t09X39%2Fc3FUVekwa0%2FS9HP4UkcZHHHBdCzIzBvOfrHgBNAlyIVr%2Bj6AIp2gMIM%2BsaltTIVsHbkMe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa3488d49012-FRA

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 15ms
15ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5024
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "12d68-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4lOzgb%2BrVnjHBuF13npeqzHjSnKc5YiKiT1wZuqUKLMPKohj4OQ%2FdQTavcWu0dRdhkD1Bs6ss4cZJCWRa3z83S2lqPtpPgYTwOqGMhrcvX7JNVr1FPButdxuZY11JaH0FYJskkD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa3488d59012-FRA

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 15ms
15ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6460
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7884
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ecc-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA%2Bzth9Z1vkMtvT%2B2AUUmPQmx4x0x3RF0vK0HKMa3th9atTHdvzJkV%2F4GfeYHG6si4kcVBJuIwBqJkkQB877qNcSxRl81GRCaEk%2Bv0HeR5QsNEgENtc%2FlW2l84W39APaIjpI%2Bk6R"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa3488d69012-FRA

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
101 KB 55ms
29ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 01:08:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AKqIHFqi1yeeL0J%2FfTrBC9JEf1irg8MV452bd7FNcLEZIyTVgXrrPKLFzLrTF2DOTxD3Mec3vTuIFPt6R%2Fqmc6skc1Qd04XKzR4vOYYGSOSsLA8E7WgFFV79tLSLKLxKIWDdq6lGkhV2p9P"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa34dd209a05-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
382 B 141ms
116ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZutgC%2BE24TLEmd8Dxaf6pq4WEF55A1kBNc1rbdivhPaHu4l5MkgrmbdZUtugkuvsxT2Kthni6lVLxK%2B4QFYo1payP9tvwBjNhrrGuA3JwSbZ1I6YScf0%2ByuJevFY4J6gL22Jw3%2B0gFV1LCXi"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa34dd219a05-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
494 B 150ms
100ms XHR
text/plain 108.156.46.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=xoHnN2g3YCOl&top=www.file-upload.com&tid=888398
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.46.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-46-17.lhr50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
via: 1.1 97d882fdcaf1da316742a0953a5a0564.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: LHR50-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: O_i9HvEz7gBJZe4_RlzCYxiZvJ43Wr_-TURTj9Fbqx3x4bTLLWdA4w==

GET
H2 200 R3IEEH0kZHdzOBU2a1QjBzkkGywNLGAHCREoMVBqUActUCMSZHdzOAcjKFQ8Fi-Q3RmpRA2AHfwEzJEIjBzNgAX8DLSBNLkwiKlhmRDR4BA
d26adrx9c3n0mq.cloudfront.net/sT2JBRTUsDS8jCjsLJXgNd1pyfA1pCDIqWz9fDTVGHxgADmMmRDU/UXJSZylUIQV8Y1AhAXx0EzsSLi4ILRg4MFY1ES8rW2kXIHhcLj0gN1YnCzcgR2pQcW0QfSApMUE/ 849 B
889 B 157ms
157ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/sT2JBRTUsDS8jCjsLJXgNd1pyfA1pCDIqWz9fDTVGHxgADmMmRDU/UXJSZylUIQV8Y1AhAXx0EzsSLi4ILRg4MFY1ES8rW2kXIHhcLj0gN1YnCzcgR2pQcW0QfSApMUE/R3IEEH0kZHdzOBU2a1QjBzkkGywNLGAHCREoMVBqUActUCMSZHdzOAcjKFQ8Fi-Q3RmpRA2AHfwEzJEIjBzNgAX8DLSBNLkwiKlhmRDR4BA
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 613
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: PP3zdajYqOkNgGdR23CY6P0qS1h1e-b15U3bOJeUegnsEUjYkfKaag==

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
100 KB 54ms
37ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 01:08:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAgN%2BP2fWOMpo8HJiHGTUKfiBU%2B7LkKZAD91mauScK%2BZXH1nBcWCK75GCW0iRc5TbHrwS4qOo3nNMthzUqjuzmohNnLKViBNaswoTdHsgNEzyCGYfolzULRCJXIgRvwPLx4Tlv7BEsjEnNHu"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa34dd229a05-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
360 B 137ms
121ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IApnErmIVv86Vyt8P41pe3odmj4xtxFRX7grRoRSqO1XA8aImBjvucLvrGls2NW%2FMXdtWXGMG0iuvfdPNvorKnrp1lNjLS2alWt4UQ0G4ypHZX4B9VXkP0%2Fr9PdvMMfoL2z5vQrtNt2I3T56"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa34dd239a05-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
493 B 139ms
98ms XHR
text/plain 108.156.46.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=TbONTnJBXiLv&top=www.file-upload.com&tid=889766
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.46.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-46-17.lhr50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
via: 1.1 97d882fdcaf1da316742a0953a5a0564.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: LHR50-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: dwK49Afl_vEbP4gtVThQ2FlXDiGIM_3OsL3eaFzXZwvArcYbmIsnuA==

GET
H2 200 azZKSGo7Bg4NNj0GSk5qORgKAjt2FwAXc34BUks
d26adrx9c3n0mq.cloudfront.net/4elpYdG8ZNTYSUA4zPElXQmNvQllcMCsbAQpnMzZdNW1gBA5IIH4AFR5naFIDGzQ/SUkfNDtJXlwuKBsERzgiDRoZICsaARR8LRVSEzsHFR0ZMjECCgh/akRHX2gaHBsOKn1HLl9oHlFdPC0vA0EbNj0MDlQ5NxlKSBwrHR... 854 B
896 B 161ms
161ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/4elpYdG8ZNTYSUA4zPElXQmNvQllcMCsbAQpnMzZdNW1gBA5IIH4AFR5naFIDGzQ/SUkfNDtJXlwuKBsERzgiDRoZICsaARR8LRVSEzsHFR0ZMjECCgh/akRHX2gaHBsOKn1HLl9oHlFdPC0vA0EbNj0MDlQ5NxlKSBwrHRsff2oyBx82KFFdPC09FgIbKS-wRHQl/azZKSGo7Bg4NNj0GSk5qORgKAjt2FwAXc34BUks
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 618
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: r_PxMuMZApHSznKYtgcKe78EexthEFRkiyxRDxg1XvscUFVVdPCOFA==

GET
H2 200 asd100.bin
freychang.fun/ 100 KB
100 KB 46ms
38ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 01:08:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlLwcbbXa4K%2BhgnHX0yixxQb2IwDDGm0l6K06qtE0SCnGCfHsEnT0luDl1QFwKaGqI6SBtJwXCQF959nSzu3ZG3aNij4eLfCscdj7vfiwrhtoSiAuHUoxLuJ14xwz683XNWbxWnBFK7GlHYf"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7123aa34dd249a05-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 /
freychang.fun/ 27 B
360 B 127ms
119ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUBLqUtGPN4e1OUDo1ygupt3LBukHS4HItuaFilROayyvzY6%2Fi9lllZ%2BRjGHymgf69blTcaUrS46Uoe2aWpUzlUbe4hIYT6Agp5mRZJBoHjMHgkaFKvCnjjdy0Y1akHoZn0bMImmpKSv7au5"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7123aa34dd269a05-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx
denknowled.xyz/ 0
493 B 140ms
106ms XHR
text/plain 108.156.46.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=s9VDEg4k85rc&top=www.file-upload.com&tid=922253
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.46.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-46-17.lhr50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:18 GMT
via: 1.1 97d882fdcaf1da316742a0953a5a0564.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: LHR50-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: pp7dI99zuzAFkjpsUAD94j3xju776LfkhuomIYbOuTZjPIkIAoFLBA==

GET
H2 200 mNzVLbTZUWiULCUNcL1APBQd5WAURXzgCWEcIJSFReFB8O0d6Ez8XUgoFbQFXWVJ2S1NZVnZcEENFJAYLVU8yGFVNRiUDWBFAKlBfVmoqH1VfXD0IRBIHe0UTBXcjGUJHEHgsEwVzbl9wQEI8Q1dbUDMMGFRaJkgEcUYiGVMSBw0FU1tFbl9wQFApAFdEQS-4fRRI...
d26adrx9c3n0mq.cloudfront.net/ 653 B
748 B 160ms
160ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/mNzVLbTZUWiULCUNcL1APBQd5WAURXzgCWEcIJSFReFB8O0d6Ez8XUgoFbQFXWVJ2S1NZVnZcEENFJAYLVU8yGFVNRiUDWBFAKlBfVmoqH1VfXD0IRBIHe0UTBXcjGUJHEHgsEwVzbl9wQEI8Q1dbUDMMGFRaJkgEcUYiGVMSBw0FU1tFbl9wQFApAFdEQS-4fRRIGCUgEB1Y5DEFbUDlIAgdUJwhOVhsoAlseEz5QBw
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 471
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: NvirCkYDijSFoSqv7mELsW1I9CEk91N4iBTWs7ItsUaIGHdWmpGlcg==

GET
H2 200 kd2RKSGoUCyQuVQMNLnVSTlJ7cVJRDjknBAdZEn4SOSknKg49Qj4yDkpUbCQLGQN3bg8ZB3d5TAIFdyELKAU4KwIeEi86T0VUYm1YNQw+PBpSVwttWDFBeA4dABNkKQYSHCtmCRgJb3osBA0+LU9FIiItBgdBeA4dEgYnKRkDATg7T0Qmb3paFBYrPwYSFm-98WhY...
d26adrx9c3n0mq.cloudfront.net/ 181 B
459 B 162ms
161ms Script
text/plain 2600:9000:214f:5000:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/kd2RKSGoUCyQuVQMNLnVSTlJ7cVJRDjknBAdZEn4SOSknKg49Qj4yDkpUbCQLGQN3bg8ZB3d5TAIFdyELKAU4KwIeEi86T0VUYm1YNQw+PBpSVwttWDFBeA4dABNkKQYSHCtmCRgJb3osBA0+LU9FIiItBgdBeA4dEgYnKRkDATg7T0Qmb3paFBYrPwYSFm-98WhYILzALWQclJUNREXd5
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 182
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: 1aTGC-lfta1IeNTsNlnXMGDioB34STJqYKNe2_-IWHIrRTFXw31B7g==

GET
H2 204 HA4mZF55ACBnBxwcFVlFHBI8VHMnAWJFWy15fAkKen18F0IgIHkAFDowJUVHOnl1F1snIisMFD95dR8BfWp2Bxx5YjEMA28wNFBVdHViQUY9KHkABHx3cwEEeXd8BAJ8
dinterperson.xyz/SUREMTJmeydCDygDEkB/ 0
261 B 132ms
105ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/SUREMTJmeydCDygDEkB/HA4mZF55ACBnBxwcFVlFHBI8VHMnAWJFWy15fAkKen18F0IgIHkAFDowJUVHOnl1F1snIisMFD95dR8BfWp2Bxx5YjEMA28wNFBVdHViQUY9KHkABHx3cwEEeXd8BAJ8
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoSZ%2Btmrd2rRlvEuRNeQ2II6Ky8kPfC716HNZFhy14IXkfHwC4kNeCVZnPYKI1737LN4CdrL3943yLzR6a53owWe%2B5oIXMIFtJDnPJlY0h%2F6I%2BR953LXbHn6s70zTACPLrouUFv%2BVQQe1Mn8BPaJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa34fc21926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 87ms
72ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 92ms
57ms Image
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S789494955%3A1653706038640235&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSi...

0
0

90ms
59ms

Image
text/html

2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S789494955%3A1653706038640235&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczgTL4pd9eTkVjBLQ4ZVXAqts64SvWBjK8fsad4KJZ5Kc63UI1vtvhzTJDqq0D8A_j4viRKoQ
Protocol: H3
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Sat, 28 May 2022 02:47:18 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S789494955%3A1653706038640235&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczgTL4pd9eTkVjBLQ4ZVXAqts64SvWBjK8fsad4KJZ5Kc63UI1vtvhzTJDqq0D8A_j4viRKoQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'nonce-140Nyi9pgm67VoYIsDCBaQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 BXhgV2wGYH1TZEFrYkU2RDc0XnMSJicXLglnZVZxA2ZlU3EMY2JX
dinterperson.xyz/Y0I0VlNMfVclbgc4UBsyNDJ7FxsTJGNmEiYnBSIHMiVQZwsPchIiOgd/DG5qVHQCcCMKJglndRA2VSImEH8FcDoNJFtrdRV/ 0
254 B 133ms
107ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/Y0I0VlNMfVclbgc4UBsyNDJ7FxsTJGNmEiYnBSIHMiVQZwsPchIiOgd/DG5qVHQCcCMKJglndRA2VSImEH8FcDoNJFtrdRV/BXhgV2wGYH1TZEFrYkU2RDc0XnMSJicXLglnZVZxA2ZlU3EMY2JX
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqMKeFlsmAjsFMZCaSqXkyFwpqg34LnYmiR5tg4qRQTNuXbyfRoueXw0msiA%2BMqVY8a1k60M2acY2EfNhyRYE4V%2FHiXAy21cm4531aSNXqYi1sgyWu3Uiqvr2cTwciw8xU4iotlwUQoeZbo6Whv1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa34fc23926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 UTVRM2F+CjJAXBxeYQI2BWQUVRYpRRVyBXQHF3ImFH0QABIUVxBQRyVcNQ5YYwdjBlJ3RThXXGATIkcAJUAiDlB3XD9VDmwTJw5QfwZlHVNnG2EVFGwEd0cRMFJsAkchQSVfXGADZABWYQNhAFlkB2M
dinterperson.xyz/ 0
492 B 128ms
102ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/UTVRM2F+CjJAXBxeYQI2BWQUVRYpRRVyBXQHF3ImFH0QABIUVxBQRyVcNQ5YYwdjBlJ3RThXXGATIkcAJUAiDlB3XD9VDmwTJw5QfwZlHVNnG2EVFGwEd0cRMFJsAkchQSVfXGADZABWYQNhAFlkB2M
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y89odBTemnLdU1onZcrkLWgsZ45WTPhcGeQBkNBiD%2Bg3AxzGg2E9KxudnU4FgIkTLdxDrSWD8lpCla9d51c4Ij9s%2FuLm2TIlBmfGZn8FUWo%2FQcyLoYLA4yTIK9N5C1KcAPl74cgWfNAlue%2BNDttO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa34fc24926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 UU1URWx+cjc2UTAFPCo7BjU1FDopIgIDWR8aE3Q2BBhlJg5gJnIxBTVwbHxaYHRsYxw4KWl0VHc+ICQYJD5pdEo4IzIqUXc7aXRCYWNla1x3OGl0SiU9NSJRYGskMRg9cGVzWWJ6ZHNcYnVhd1s
dinterperson.xyz/ 0
259 B 134ms
108ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/UU1URWx+cjc2UTAFPCo7BjU1FDopIgIDWR8aE3Q2BBhlJg5gJnIxBTVwbHxaYHRsYxw4KWl0VHc+ICQYJD5pdEo4IzIqUXc7aXRCYWNla1x3OGl0SiU9NSJRYGskMRg9cGVzWWJ6ZHNcYnVhd1s
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oZDu98LPID%2FCBmVkKSrU4pXTS%2BpieGRf3cniZ7hp9stUagQt7pddBIHqDjrhiUgmJs60UVshjLVmCpTugM7zKcXTw4aUr%2BnqsvY9F8pD0hqxiZ7TSuGyZGDiX00pCV91YhOKwSqXcC4%2Bx7yRKqU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa34fc25926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
mobilesafe.shop/file.php/ 19 KB
6 KB 520ms
165ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0a57e7ab3a93a61cdcd828a13121a2daa341cd689adc76b653ab12c6cbd185ab

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 5970
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:47:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

POST
H3 204 XFAANyFHCV5hf1xPU2BgSQ1AY3hUCUgkc0sJV2N8SAlXYXpLD1pieUgfGiEvHQRfdz4OTQJsf0wMXWZ+TAldaXlMDQ
dinterperson.xyz/Tno5blFhRVodbBcQbwQyFixbLz0YMmsoBAksfCAcGA1vDwMlMx8aOCpHAVZoeUwPSCEnHgRfdz0OWBokPUcKXmF/ 0
505 B 129ms
112ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dinterperson.xyz/Tno5blFhRVodbBcQbwQyFixbLz0YMmsoBAksfCAcGA1vDwMlMx8aOCpHAVZoeUwPSCEnHgRfdz0OWBokPUcKXmF/XFAANyFHCV5hf1xPU2BgSQ1AY3hUCUgkc0sJV2N8SAlXYXpLD1pieUgfGiEvHQRfdz4OTQJsf0wMXWZ+TAldaXlMDQ
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaKqfK0D2n9QA5C8KwUhAUeHKg0uyogpUmeIR2vNaxnJTTbwnt7FIf4mOzdcfNz%2Bhj0%2Bnc2rZZ1VqhOde6dM%2BqLD3ZfxAYmGNWUqa2KIB5HwHY63bOadL7M9w8QA5wEtgKt24IhztEvI3X2p5uoC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7123aa366ef6693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 126ms
100ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41824ba53343a44e3df59e89555ff9f47c84b14ad4bea9f50b5b67deeac4db2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3GS0AE1B2KJW5X0F82KQGP9
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 786
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"494845b5e1573e696774a390a39e22e4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7123aa384d2392c9-FRA
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==>; rel=preload; as=script

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 58ms
22ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25410b6356daa907ad89631faa264041ce20de666efb3cb71af591e3fbdd343c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39566
x-xss-protection: 0
last-modified: Sat, 28 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 May 2022 02:47:19 GMT

GET
H3 200 app.css
www.file-upload.com/mngez/css/ 247 KB
42 KB 18ms
18ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2535672
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRCQQ8lju1neo6l43iPmcY%2BgxJob%2Fe6KriGhrz7qAppMhOvnVit8%2FNYUUx4kjE632EdDUdVVl7Ul5oc0E%2BAeKjAAeTvuNoTTVm4lTGRKp2fmisxC2oTmYQSN2wGUxs3X0bTPBxaH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 29 Apr 2022 18:26:07 GMT
cache-control: public, max-age=31536000
cf-ray: 7123aa382c399012-FRA
cf-bgj: minify

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e57e3de70c1b82b3194e07a17d8660c19f376d463f9250b263e398e42f6c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QxZn4Kk2cZqgwdy+LMr48Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 27 May 2023 04:18:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84257
x-fb-rlafr: 0
x-fb-debug: 9OR4woS0PTOEwODan7VgB/pCi2l2HvUU1bYPXodtmrTTdArTDZl+X413kjsfybZJ9cBbURbL5pQH8THrwNxp1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 13d0e09f6da571be7371995b009dbeb0
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 28 May 2022 02:47:19 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a98b766c0cf9d9d86ac9c322b986cf53"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

011215a968074cd59e40d2c863e97d0e716b33f112911875150de317831c1029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yJQ7GVR12HkteVKx+8aOlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: k5XFv+H2hH81DIKv7LisIEpMf9PgjleGOVG9t/Ddlfd1H3JvsM8BWy/FiPPnw4w3XO8bYgtt9Fueq8GtvnThKA==
x-fb-trip-id: 686109401
x-fb-content-md5: d5fbcd4977a42d34cd834d8a5fbb5af4
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 May 2022 02:47:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "dbd5866c08c95b0e6a9a04ac8fec8231"
timing-allow-origin: *
expires: Sat, 28 May 2022 02:59:38 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6985
date: Sat, 28 May 2022 00:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 28 May 2022 02:50:54 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 37ms
9ms Script
application/javascript 99.86.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-90.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6714498
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: on_Fd-pbqvt1o3Z-L1UhRvErSQXGTjacrFPj5gH3f_glcegMKdHAMw==

GET
H3 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 93ms
93ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"3aa0d-5b9d6bb49011b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaCaGWKEajHZT9vCA4gllEtb0AE6ExTddEQolZW98g7b1o8KdqTv9xD8u2TJwoaplcDY9z6NGuABAGe8IR%2FcZq6QiQwAcuS3yZ8mL7X1wpkip41RGWQMP8ZfEdF1nPcWKcefimtD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2692000, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7123aa382c3e9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 13ms
12ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611749
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"c8f-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX%2BwjXnd1VuxMVh%2Fj5twTaqrMdKoQ6ttdAj%2BS6spUxrjLB6MT3Y%2FMoguJpgpNsUoNMYuRggOv4Vu8WMHHjilKjxl1T0WvbyVYLvUDH%2BlC9iExhtkr8UBLpnmoNfW4ymxk3D7l5eL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa38ece39012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H3 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 19ms
18ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611749
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTEO%2B0AO5RWas0FXJsjXtAemgIU2fq0XfGERy%2B3LpMCoypLbke8RoONO437%2BcvQBNBM3g2t5fbvn2XJW2Qvmp6uyLo5t9EtLMBpeS03vBPQn44wsxaMJeBQKHsfLbLBOqdv%2FZjYD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa38ece49012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H3 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 14ms
13ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611749
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "281-57e1cf82658c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0iCko8jsl3xJ%2Fk5Z%2BLbuZG0l4uxCh%2Bl5JA0wYA4lGAXDSdPRcyQR4fO9XBsjo9LzlTo8CdUzhMWBfCDdIpii2HkhZE9EUag5e3QVMo4hfqQOEBmHg3A7OnYASUbGWFgtpUVRp1r"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7123aa38ece59012-FRA
expires: Tue, 01 Feb 2022 07:04:50 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 9ms
8ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Mon, 27 Jun 2022 02:47:01 GMT

GET
H3 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 13ms
12ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/mm6g5j4iuisi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611748
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"1363-57a3a191435c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Auy8JmmjNqxT6Y8VvQTHYLFba4Pdk0kZl98MM%2FQoe0pWs6msi2RJCYFGUrBmi%2Fcx7SfwZT4Iu0i55fXeu33guKAr89OatRRY0fd9V4ED0kBZj9sjbgIZWS5CN8oj6%2FrO7%2BAsyakN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa38ece69012-FRA
expires: Tue, 01 Feb 2022 07:04:51 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 294 KB
84 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bf9a64293e676cbaae2daf143ac180a1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94ebf24e6b2b935e0885ad3454b4d85f1a460b96f38adbac75943008d94da563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OQpt18O/C1qPZJ0lcWlclA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85708
x-fb-rlafr: 0
x-fb-debug: M7WdqXBc+JbrOElOu6cLMdbGFl4CuJlPxs7uBAVvHOn4b0mpXhDQ6CA04LDILD7Dlb0ff5VUb412U2DOyrmXjw==
x-fb-content-md5: 4b09c21d0808800d3604a5b8126ec2f1
x-frame-options: DENY
date: Sat, 28 May 2022 02:47:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fb8406e2ce0f9ef70aad6ee1366ae0ee"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 28 May 2023 01:29:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1691
date: Sat, 28 May 2022 02:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 28 May 2022 04:19:08 GMT

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 15ms
15ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10611755
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"3aae-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAvcr9uwV5HoVHsIMfsiH%2BKONBAQ4EabHrV1hvl6xlBle6DTwbTIrkDcPI78FlDb2GNfMw2vAd6V25nK9pvAmv4e1fTlhLHHy%2BNVgtoWO3YCYcIf5O9p10JbjBMnhh2Cj9JOiQMd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7123aa38ecea9012-FRA
expires: Tue, 01 Feb 2022 07:04:44 GMT

GET poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 0
0

GET
H3 200 impl.v15.0.0.js Show response
live.demand.supply/ 77 KB
25 KB 31ms
19ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 656679
cf-polished: origSize=79512
cf-ray: 7123aa39080d697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 bW9iaWxlc2FmZS5zaG9wLw== Show response
live.demand.supply/p4/v14-3-0/ 2 KB
990 B 83ms
73ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47fc2aaa0e149108bb772913151807fcefa62caa151cc56e69e873e818dcfe08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa390813697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 30ms
20ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=127&cs=c&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa392f639bf5-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 78ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a02b783fe60f7e2ba374d4d7933151596bfacd423db5d51e94de73d2b0e5208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56217
x-xss-protection: 0
server: cafe
etag: 1995659976297034232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=ISO-8859-1
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 May 2022 02:47:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
82 KB 340ms
289ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

81e1cfa3d7d84ee85ec93158371e929dbc067311b76d83a053d4f377f5608da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
x-content-type-options: nosniff
server: sffe
etag: "1228 / 184 of 1000 / last-modified: 1653689052"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83470
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 May 2022 02:47:19 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
506 B 25ms
17ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G40M30TYSE2AH66KGEGZ5QPP
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 122474
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7123aa392f629bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 14ms
14ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122456
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28a0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27N6%2FV13zyiXAkn8R3eYMyodfacSqLQT5Gie2MUeKFIPOLakcWoIF8tfGPRs5qaGCgjW%2BK5iEDNhXKlOqL75Ge6g%2Bq%2FvL02pxqKfWY295XjhgvvLVk%2FRKf0gsf6qWaZo8AYS7pH8"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa391ce892ad-FRA

GET
H3 200 fontawesome-webfont.woff
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 13ms
13ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122456
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"17ee8-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bs3N1JRk3F2wSPymfth%2Bn8q%2Ben%2F7jMKRtGVraR981e2DYwNHr%2Be6qO%2FqQKvs%2FY6jbEl7dO1VH5h2EnGPuww9XLByV5raS%2BMiz4NXqc%2F5dAhzRkJz%2BGr6ERk8akhBliIN1M6XlDr"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa392cf392ad-FRA

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 20ms
19ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122456
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28b4-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM%2B9%2FKOwwtcyLt1WwxnzJlTrrZ9D7KVud8xtg4aK4O44%2BVf%2BhgUB%2FUtKYaBoMmNUlvdv4pfv7HT%2FWf9LnCcxQSNlhYc%2BpvwilwDsF7In6hs8xDEddLRycW9dhLcm4DarMPKKZmQ5"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7123aa392cf692ad-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
364 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3RM2K0M5B9CQWKE2FDTDA8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122474
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa394f909bf5-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
21ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1683691870&t=pageview&_s=1&dl=https%3A%2F%2Fmobilesafe.shop%2F&dr=https%3A%2F%2Fwww.file-upload.com%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=6220841&gjid=1492990329&cid=1040873624.1653706039&tid=UA-126662314-1&_gid=1965601580.1653706039&_r=1&gtm=2ou5p1&z=1716404047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobilesafe.shop/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mobilesafe.shop_auto_interstitial_desktop Show response
live.demand.supply/cpi/ 25 B
253 B 222ms
222ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cpi/mobilesafe.shop_auto_interstitial_desktop?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 488a06e189f31a2039ad62baa5ca2758ff215d12471058bdd6fc7b50c05eee8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa397fdd9bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25

GET
H2 200 mobilesafe.shop_fluid_lb+sq_sqle Show response
api.demand.supply/v14-3-0/a/ 319 B
570 B 40ms
15ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/mobilesafe.shop_fluid_lb+sq_sqle?&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5f78fe8666aca23d1081848a3c6f4862e5e4804bb000b57f45cf4eac46bbc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3654
etag: W/"13f-8wTKNPCZg8JqdQt52K50FvCcRVw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7123aa39ab00695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 15ms
15ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01FYNHR9AV6B50KEQQBHX0GPK5
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1451287
etag: W/"ec00ccc2678f0bda8ad9a0a421a8790a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7123aa3978c1697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobilesafe.shop_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 26 B
254 B 220ms
220ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_auto_728x90_sticky_display_bottom?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9da6afbf3c3c84127d6fc720975d4faa27d2bb7503aec74e3b5658bdcd7926a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa397fe29bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 mobilesafe.shop_fluid_sq_square Show response
live.demand.supply/cp/ 26 B
254 B 354ms
354ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_square?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a206185c3c33dcf0451623d39a10c57e882d5dcdd40b51bd3366567d5a41898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa397fe39bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 mobilesafe.shop_fluid_sq_sq Show response
live.demand.supply/cp/ 27 B
255 B 406ms
406ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_sq?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1227caa7198772d9b01fe642a882a5359d4ad555e7220dd6b6bfaa4670b60675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa397fe59bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 46C2 10 KB
5 KB 48ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 19255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:26:24 GMT
etag: 1327746537699501093
expires: Fri, 10 Jun 2022 21:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mobilesafe.shop_fluid_lb+sq_sqle Show response
live.demand.supply/cp/ 27 B
255 B 384ms
384ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_lb+sq_sqle?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0854051280a3150d292867b602f37bd22bc38419f49eace29f36885b66e62f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7123aa39d8679bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 16ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_interstitial_desktop&pdc=7.532855987548828&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3ae9ff9bf5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_728x90_sticky_display_bottom&pdc=0.0348688006401062&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3aea079bf5-FRA

GET
H3 200 pubads_impl_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 42ms
13ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 21:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126668
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 May 2023 21:32:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
121 B 54ms
25ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 12ms
11ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_square&pdc=0.5419942557811737&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3bbb3a9bf5-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
795 B 77ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=ISO-8859-1
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
552 B 56ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
45 KB 288ms
288ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1527260689355420&correlator=3101755511972872&eid=44761477%2C42531607&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cd601fffa-3eb6-476a-be34-4efbe15fbf8a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=683461381&sfv=1-0-38&ecs=20220528&ists=1&fas=8&fsapi=false&prev_scp=ti%3Da3431406-2630-41fc-b813-63dda0cdd3fe%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706039723&lmt=1653706039&dlt=1653706039057&idt=632&biw=1600&bih=1200&ucis=1&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ea=0&ga_vid=1040873624.1653706039&ga_sid=1653706040&ga_hid=1683691870&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3784df3b4613476a485f35df58646968ffc0a97b34c3e542619c86e496485d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46544
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
30 KB 274ms
273ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1527260689355420&correlator=2627031024598623&eid=44761477%2C42531607&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cf152fd0a-aa6a-4efa-8db4-3b15697ae52b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3551285455&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Da3431406-2630-41fc-b813-63dda0cdd3fe%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706039728&lmt=1653706039&dlt=1653706039057&idt=632&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ea=0&ga_vid=1040873624.1653706039&ga_sid=1653706040&ga_hid=1683691870&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

55c7a8ce7d8d30ca87e7c1d0d71bdfbf5ddcc5be116efab148f44dce180d376b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31163
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
30 KB 259ms
258ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1527260689355420&correlator=846584269203969&eid=44761477%2C42531607&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C9f9c7ee1-197f-4518-9309-2dce1894b23d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=2327037617&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Da3431406-2630-41fc-b813-63dda0cdd3fe%26bid%3D0.22%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706039731&lmt=1653706039&dlt=1653706039057&idt=632&biw=1600&bih=1200&adxs=245&adys=231&ucis=3&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=1040873624.1653706039&ga_sid=1653706040&ga_hid=1683691870&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f57bcee742241e34423cb12fdbcb8d3a7efe88c738cc0146434591b50467c535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31181
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74FC 6 KB
6 KB 100ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 14ms
13ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 15:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 15:14:35 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_sq&pdc=0.04222443699836731&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3c6c4c9bf5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 12ms
12ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_lb%2Bsq_sqle&pdc=0.08578500151634216&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:19 GMT
cf-cache-status: HIT
age: 122475
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3c6c4e9bf5-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
28 KB 283ms
283ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1527260689355420&correlator=131753781533348&eid=44761477%2C42531607&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Ca7af7edd-b578-4dc7-951f-775bbd5420fd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=1517400100&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Da3431406-2630-41fc-b813-63dda0cdd3fe%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706039760&lmt=1653706039&dlt=1653706039057&idt=632&biw=1600&bih=1200&adxs=245&adys=691&ucis=4&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x116&msz=1110x116&fws=0&ohw=0&ea=0&ga_vid=1040873624.1653706039&ga_sid=1653706040&ga_hid=1683691870&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dd6607c932d8e4d677e1e1646485ad450057f573eb17b0ad3ab309e160bd81c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28904
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
28 KB 278ms
278ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1527260689355420&correlator=1144628677460741&eid=44761477%2C42531607&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Ca9340059-d05a-44db-b067-6dfe3a680193&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=2840331734&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3Da3431406-2630-41fc-b813-63dda0cdd3fe%26bid%3D0.04%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706039766&lmt=1653706039&dlt=1653706039057&idt=632&biw=1600&bih=1200&adxs=245&adys=847&ucis=5&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=1040873624.1653706039&ga_sid=1653706040&ga_hid=1683691870&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0a978fcb8023f8ce2145635284b846bf5800ad3472f98735ee7a00f820bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28683
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 79ms
28ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3c338385eb2b34eef4e6fd197550a02c09acdf5c78f3bbcf804471ab8413e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10400
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
17 KB 101ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 41 KB
12 KB 74ms
16ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:10:20 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11458
x-request-id: 897647059

GET
H3 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8D1 6 KB
6 KB 77ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.22&b=1&r=mobilesafe.shop_fluid_sq_square&sy=e8ca75df-b4df-4374-9d0f-ad2adbd333b5&ts=93&cd=2&pud=127&pus=c&pue=654&pid=39&pis=c&pie=694&ppd=85&pps=a&ppe=740&pad=101&pas=c&pae=779&pcl=671&ttc=744&tti=1491&ttif=0&lca=740&lcak=ppe&lct=779&lctk=pae&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=a3431406-2630-41fc-b813-63dda0cdd3fe&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:20 GMT
cf-cache-status: HIT
age: 122476
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3e2ef89bf5-FRA

GET
H3 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34F7 6 KB
6 KB 65ms
28ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 28ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_auto_728x90_sticky_display_bottom&sy=e8ca75df-b4df-4374-9d0f-ad2adbd333b5&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=a3431406-2630-41fc-b813-63dda0cdd3fe&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:20 GMT
cf-cache-status: HIT
age: 122476
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3e4f449bf5-FRA

GET
H3 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C26A 6 KB
6 KB 24ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=3.61&b=1&r=mobilesafe.shop_auto_interstitial_desktop&sy=e8ca75df-b4df-4374-9d0f-ad2adbd333b5&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=a3431406-2630-41fc-b813-63dda0cdd3fe&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:20 GMT
cf-cache-status: HIT
age: 122476
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3e8fad9bf5-FRA

GET
H3 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C645 6 KB
6 KB 25ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_lb%2Bsq_sqle&sy=e8ca75df-b4df-4374-9d0f-ad2adbd333b5&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=a3431406-2630-41fc-b813-63dda0cdd3fe&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:20 GMT
cf-cache-status: HIT
age: 122476
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3eafd09bf5-FRA

GET
H3 200 container.html Show response
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CA6 6 KB
6 KB 24ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-length: 6094
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:19 GMT
expires: Sun, 28 May 2023 02:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 12ms
12ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.04&b=2&r=mobilesafe.shop_fluid_sq_sq&sy=e8ca75df-b4df-4374-9d0f-ad2adbd333b5&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=a3431406-2630-41fc-b813-63dda0cdd3fe&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Sat, 28 May 2022 02:47:20 GMT
cf-cache-status: HIT
age: 122476
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7123aa3ebff09bf5-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D43 13 KB
5 KB 77ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 17:48:23 GMT
expires: Sat, 27 May 2023 17:48:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8CF 783 B
985 B 69ms
33ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

777cc4b772543f6674ef8eac6394720f93ba49ef1bf7a7afe815974bb44e1de6

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-1kg7CmnPuoifDoCNTQWNww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'nonce-1kg7CmnPuoifDoCNTQWNww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 02:47:20 GMT
expires: Sat, 28 May 2022 02:47:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CB6F 106 KB
38 KB 60ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Origin: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 06:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 May 2022 06:02:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CB6F 41 KB
15 KB 89ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
H3 200 m_js_controller.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame CB6F 46 KB
17 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/m_js_controller.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

275210c5abf2c364d73c8f6c630bb2c60b291c477d25838e9f24bccabd87aa95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 20:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17348
x-xss-protection: 0
server: cafe
etag: 773547890430479932
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 20:13:01 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame CB6F 3 KB
1 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:25:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB6F 136 KB
137 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame CB6F 25 KB
10 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:57:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CB6F 0
0 34ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuyQRggmdkkAQ1RRFiBEYRP1ZyBVabI50nxZTRLdaodyC5eG20iskA9yVKJc9xbFfL1XjvRnX7w4aVr7rFbxQovHVEOw
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 404 icon.png
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame CB6F 2 KB
2 KB 34ms
33ms Image
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame CB6F 27 KB
10 KB 67ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:26:18 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB6F 0
874 B 111ms
59ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6CwrGcNVUY9wQzIPLyt2gNizJ0093Pn8QmPUQ9yFk90ORKBe3lU-EIcNovbNv2l5rmFR0VJpvZPshqygHcGoZ6qbOrBw8SIzWf3WaffS0SoCENNefyPggqYquc-9IYzFXna8LU-I7hU57IFCdgRrBuHTy-BU-vc8NskypjuA8Tu7ceIyrt9AY5X0NEoHrFuwvUGYMJn6pMxEyHuZY4LsjcXVKFk1Si2JKWFebPCGHwagImNzp_syNeyOklyIjCHGzNj0CdKlAEbcy7C2ck74m7yHn8JHxuO25x9AJyo87r1X9sRknhDURUJ8YmjhTI1nmCivM91s5KLmKH_Oxk3x0n2ZOnlOJ8klsVU6CfovgtiiFIJVEl1wPXIvg_t4j_hGiYochY_JCKoqbn4HY9aH82w0zl7wAA21ifyx9BSDpLh0mRLZ4_YSPcVqANVq_bVeoS85bewAIkpl2a80UhVn0Mw4V4H2OeMQ_WQwXcudxS1aUcOaMMQCWIgbrkYYeyXLs5JLyBkckO0zjB0pyNTWu5kdeuvOr6ySZiWTmJOcV4seF1OVjNL26sy0uS7Oz2H29HHqgV12shfpQHjWTsQX4NjRaYlAYah-o-amAM6v6Bu0Zg62d17WMKLgBt9795UEP8z4pomJDbp6aoQtGFd7TGrIKJI_iSbLqUBzJ5cFLp-bu6mPHC8nDJYdQaUEHjhJ8IjhOuoQimMFIuNOvbJlyY1thM5uHV24-EfssVCXWYsFX6g7YMrp8Xxf88RZT8d2zqKuqPlG8dz7d6UCFigQmwWNGQzm0Vjxffo8D743u7KzNQxtfehOtFaIGfb7wB2GOL38zHnGvz9zjv5p96ASpiqHHQzIEeJFYsHSX67SYrZr3RuFdPdwUspXRrlhsOaYd7ouIrlEru6KJwm_XGkgfKMa0jW9KHMt55ek1kXt0FIltX_1JxKQTxySGAlt3YCMaxferkAudWYqL_X4HpcwkNN34sGx7yAq8ZYcDF3YXO_a1FRM_TTxjylcIoUAT6w3mi62B5EIGYsLSQu1rqzbRRrSz2GIshDMuJtGr&sai=AMfl-YTeq7mAG-v1uiejKAnvZvDCKmGypGSSksBVX-gsHIv7iZHSDciqmlm1W2vyi56kq0Uzuk_2CbtWq5x-J5v9hen790NjCCXJFr_DoePb5Cj-ut748y0NqGAcW3AgKs1d5xbp-JKLmdi9bEbUTUVLUuXIyA&sig=Cg0ArKJSzFZenamAsyZxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 28 May 2022 02:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 54ms
16ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mobilesafe.shop/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mobilesafe.shop
date: Sat, 28 May 2022 02:47:19 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 css
fonts.googleapis.com/ Frame 34F7 557 B
703 B 72ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 34F7 2 KB
1 KB 81ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
server: cafe
etag: 10137335727447750368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:02:57 GMT

GET
H3 404 icon.png
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 34F7 2 KB
2 KB 42ms
41ms Image
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 34F7 27 KB
10 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:26:18 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 34F7 3 KB
1 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:25:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F7 136 KB
136 KB 88ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 34F7 25 KB
10 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:57:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 34F7 0
0 34ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM1rf_4zY9hTmjMvWPdAtDvNN5KOWbSo910zz56EFsYdKFtUWVKtaHYQPFfiifvU_Cu41b9vf923L1IKfFe4b31e0yQw
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 52aaa6df04c706d5b7adf14d1c58f00f.js Show response
www.gstatic.com/mysidia/ Frame 34F7 39 KB
15 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/52aaa6df04c706d5b7adf14d1c58f00f.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d6e42bbbe7490d3212a9f3007d1f50887331885c471ade766f5e84d897912b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 23 May 2022 09:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15216
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 09:38:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34F7 0
0 55ms
53ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CreqjN42RYtexL8fP7_UP4tyj6AiD5e2lauy-n7OvD4iU-IezAhABIJWbyiFglaqggrAHoAH09_T-A8gBAakCE5AHDFACsj7gAgCoAwHIA8sEqgT-AU_QYmQM80Yuk2olRt8AARiEzaHEx6qUVZmqRHMbFAuR1FJEenqXWJg758KO50FQ8Ke3Jyo05zuKnl_jly3hbNu5jw2yNRGf8g9q-VizIIciG9f1mhnvR_2hcb19CT2nPdtZ6SwZWOZT1YuEsJgUkA4Z9XyeW_HRVIkv2crpYksI7kdyGFV902NFHZgx75NFzP-0NgQpBIpZYzWoBRBwBNqPHZSsTFlE_yLsj1LuY_jGzq_IFgUNhrtPW51ryUQoAbCan85c-ZffiSZbCNdBYiKD5MjAg94MAD64KGMtcL_cAOdS0J8QzDScwKZqfDQqWdBYg26XQAuYlZrp1Q_rwASp_7fT_wPgBAGAB_SHiwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCR6RzSCAkIiOGAEBABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=jZz_C6U_Lck&uach_m=[UACH]
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame C26A 400 B
279 B 66ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5E 557 B
351 B 54ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 8C5E 2 KB
1 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
server: cafe
etag: 10137335727447750368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:02:57 GMT

GET
H3 404 icon.png
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 8C5E 2 KB
2 KB 33ms
32ms Image
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 8C5E 27 KB
10 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:26:18 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 8C5E 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:25:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C5E 136 KB
136 KB 87ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 8C5E 25 KB
10 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:57:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C5E 0
0 56ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSOvW8pcTMJOSik764hRzQswdUOOCkWmwglVRGR2TzeAOzdfZrImsuO1oiiLs7ThaJpGLwz-bfhUnaljX6UFPrq-AZBw
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 52aaa6df04c706d5b7adf14d1c58f00f.js Show response
www.gstatic.com/mysidia/ Frame 8C5E 39 KB
15 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/52aaa6df04c706d5b7adf14d1c58f00f.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d6e42bbbe7490d3212a9f3007d1f50887331885c471ade766f5e84d897912b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 23 May 2022 09:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15216
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 09:38:26 GMT

GET
H3 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame C26A 27 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6100369234d25286a631cd31a426c776e1a9c310721f488474968b46cb1f859f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10882
x-xss-protection: 0
server: cafe
etag: 13468916648900861594
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 01:19:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C26A 205 B
294 B 43ms
29ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 01:12:47 GMT
x-content-type-options: nosniff
age: 5673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 May 2023 01:12:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C26A 604 B
918 B 43ms
29ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:08:54 GMT
x-content-type-options: nosniff
age: 2306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 May 2023 02:08:54 GMT

GET
H3 404 icon.png
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame C645 2 KB
2 KB 33ms
32ms Image
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame C645 27 KB
10 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:26:18 GMT

GET
H3 200 1855386630868992114
tpc.googlesyndication.com/simgad/ Frame C645 105 KB
105 KB 36ms
34ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855386630868992114?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnHUMiroIKq5lm5E-tTc9_O1qGFjw

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

178fd25a165892e41108f547a0386f1b4442262b632552a36d566bc43c442394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 26 May 2022 00:59:15 GMT
x-content-type-options: nosniff
age: 179285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107738
x-xss-protection: 0
last-modified: Tue, 24 May 2022 12:34:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 May 2023 00:59:15 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C645 3 KB
1 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:25:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C645 136 KB
136 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C645 25 KB
10 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:57:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C645 0
0 32ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFKvS4PNL1CMnSsc3h_oNbNKzlgzzYbXFyKQmXybc9sy2FaUjClQbuYXPShI_IPSVrC5sMvSASWiGLgnqZXTgArq4TNA
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame C645 41 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 18:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15882
x-xss-protection: 0
server: cafe
etag: 8219006489259720894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 18:43:21 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C645 0
0 60ms
58ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CimKRN42RYraVMcaH9u8PlbO7iALxjrelaqm-z4GmENnZHhABIJWbyiFglaqggrAHoAGcr_uoAsgBAuACAKgDAcgDyQSqBPEBT9Aa3sfXgWhtm2PzDjZBgLGAR_KjTES8E7Nxap2IiaKaGbEOlJH3woFR29D4r-SH-ta-BBhdf-kco5LpW6hYrKL5FHI8mT275VJg3NIU8w_b_t635gq7RbLhhOy2-LRTHhUjgu85ryn80eWZVnVr6kCXPmZgJNZg0kvhKrlX98x076vzIJ5z0GXyl0hDoXuPvgEnEPg9pLcYrVCaUX_7FxrIFzGAXr0nmpS53GWWYE50sM6vyTg-Cxqpp7_od8bIKjrU7glbucHH3Xm5JTkM358zZ0pVBJMOdpZQLL4t1AOkz_jXT-pUKsWp9n8ShbUl18AExrrXx_kD4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQo5c-0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=amvRC7y1vgo&uach_m=[UACH]
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 404 icon.png
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 9CA6 2 KB
2 KB 36ms
36ms Image
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 9CA6 27 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:26:18 GMT

GET
H3 200 16661714520071083061
tpc.googlesyndication.com/simgad/ Frame 9CA6 64 KB
64 KB 50ms
49ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16661714520071083061

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aead2a33a2fadd7deb6b4c0cd31756073b30cc5aae342be2ab35cfaa78e54bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 25 May 2022 22:03:43 GMT
x-content-type-options: nosniff
age: 189817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65039
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 07:55:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 22:03:43 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 9CA6 3 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:25:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CA6 136 KB
136 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
vary: Accept-Encoding
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139527
x-xss-protection: 0
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 9CA6 25 KB
10 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 00:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
server: cafe
etag: 7999166876618491223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 00:57:07 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 9CA6 41 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 18:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15882
x-xss-protection: 0
server: cafe
etag: 8219006489259720894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 18:43:21 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9CA6 0
0 59ms
58ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COh7iN42RYqfIMczc7_UPp6-8wAuciMqHYq-vmq3iC-v7uK3mJBABIJWbyiFglaqggrAHoAG84Z30A8gBA6kC3fH6XtEBsj7gAgCoAwHIA8kEqgT8AU_QyfKBhOUveM2K3OF-pwp7MJhxWHrzGRFgbeEkubSSSD7LQLCqHI8-xHG52c1W9jEFd_ag14tiBQFKQklCrylSpJVzS5VrlOReyZTCacGlV_4l2pLeSYPswuKC5CMhITYTZgegRhGFN9BqYHU4IWVzuShapxWzw4CCv9lVYglAR2ZFmNI_0oE98RQ_JE4WPSepdcWjkfF8fNeSJKexrEmS6Uh6Fo-XhJfLAFayqBI-jZhLOXLqg_MtY1vZwGxUrI-STYft2bY5eoBTu0uZRojzt2x1b42BnrsyrM31kin88kp_B6v-3bLar4fHz3A5GPC9JzgGK5psoeoyh8AEu4TZ5oMD4AQBoAYDgAesnuILqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuN0T0ggJCIDhgBAQARgdgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=MlTv8E0kSpw&uach_m=[UACH]
Requested by: Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7F1 143 B
163 B 44ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame CB6F 8 KB
4 KB 122ms
30ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=25152005&sid=443002&plc=325420280&num=&adid=&advid=8650961&adsrv=1&btreg=517510703&btadsrv=doubleclick&crt=169452574&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bea1f2e1b6c000d5289dd1de1a9475c9245d3afe0a021ece086400dccdca1d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Sat, 28 May 2022 02:47:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 May 2022 12:36:02 GMT
Server: Microsoft-IIS/10.0
ETag: "0659c802169d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3303

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/ Frame 6490 5 KB
2 KB 45ms
14ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8a8dee0a0342f6a07d2e7523f35a77e9b4ea9405b44674d3eada33bc289c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 324081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1678
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 08:45:59 GMT
expires: Wed, 24 May 2023 08:45:59 GMT
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8CF 0
0 84ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052401&jk=1527260689355420&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EE5 143 B
163 B 15ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F55 143 B
163 B 15ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2A5 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 02:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 224C 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 313159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D43 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 14:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 14:03:01 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/ Frame 6490 6 KB
2 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b39d4afbea69d5d0ab26457f722dad72bdde2e188cf8e7536c53bc22384b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1835
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 brand.css
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/ Frame 6490 2 B
50 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/brand.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6490 60 KB
24 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6490 2 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 May 2022 02:47:20 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/ Frame 6490 4 KB
2 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 25 May 2022 17:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 May 2023 17:45:05 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/ Frame 6490 4 KB
2 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 08:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 08:45:59 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/ Frame 6490 7 KB
2 KB 16ms
16ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ff20bf8cee0b6f499062d8f9289699fb52925d76f7ff13bc9c502d181bac70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2183
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf
fonts.gstatic.com/s/googlesans/v44/ Frame 34F7 44 KB
22 KB 76ms
28ms Font
font/ttf 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074c7945755818cd49e9ae374a5b152cbe2531fc772f9f86d487582d444ff729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 22:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22443
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:57:43 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf
fonts.gstatic.com/s/googlesans/v44/ Frame 34F7 44 KB
24 KB 63ms
15ms Font
font/ttf 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef06cef118aebe8b298f181787352fdf1cee7a18716c249aabf40d0258d90ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 24 May 2022 22:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23424
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:09:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:57:34 GMT

GET
H/1.1 200
OK dv-measurements2767.js Show response
cdn.doubleverify.com/ Frame 0CA2 531 KB
98 KB 34ms
34ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2767.js
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cf49fc361a840ed23a9d4aa0d4d90753d84308079e887fce936b69f0be4eebea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Sat, 28 May 2022 02:47:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 May 2022 08:44:28 GMT
Server: Microsoft-IIS/10.0
ETag: "03e2427169d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100235

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EE5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

46ms
46ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
expires: Sat, 28 May 2022 02:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

30ms
30ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
expires: Sat, 28 May 2022 02:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame CD6C 35 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 16:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 16:30:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F55
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

34ms
33ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
expires: Sat, 28 May 2022 02:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

34ms
34ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
expires: Sat, 28 May 2022 02:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
date: Sat, 28 May 2022 02:47:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame FEC8 35 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 16:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 16:30:35 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 75C9 35 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 16:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 16:30:35 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 224C 35 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 16:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 16:30:35 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/config/ Frame 6490 598 B
625 B 27ms
26ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/config/config.js?r=0.057821339582273756

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e2b8c49b6d48e9d383200873172fe49e32381b180ded623dfd1e5ab27b5cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 598
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 May 2023 02:47:20 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/ Frame 6490 190 B
217 B 16ms
15ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/fonts/ Frame 6490 24 KB
24 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0CA2 2 KB
1 KB 113ms
14ms Script
text/javascript 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=257&ttfrms=27&brid=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3E%403%3A%3D6D276%5DD9%40ATauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3E%403%3A%3D6D276%5DD9%40ATar9EEADTbpTauTau36f%60edd6d3acbbedbh_d4_dag333e4g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau36f%60edd6d3acbbedbh_d4_dag333e4g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=139&ddur=123&uid=1653706040808223&jsCallback=dvCallback_1653706040808402&dvtagver=6.1.src&navUa=ia_archiver%20(%2Bhttp%3A%2F%2Fwww.alexa.com%2Fsite%2Fhelp%2Fwebmasters%3B%20crawler%40alexa.com)&htmlmsging=1&chro=1&hist=4&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2767&tgjsver=2767&lvvn=28&m1=13&refD=2&fcifrms=9&brh=4&sdf=2&dvp_epl=332&noc=4&ctx=13361095&cmp=25152005&sid=443002&plc=325420280&crt=169452574&btreg=517510703&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=9456019351.270315&dvp_tukv=1597569351601.3933&dvp_uuid=67406303664.522865&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1404835904661
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 Surbiton, United Kingdom, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ff7b5000510129dd5eed4ff3f6a0a9680bb1222be55fe6a1b4c0c35899e88533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Pragma: no-cache
Date: Sat, 28 May 2022 02:47:01 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 05/27/2022 02:47:20

GET
H3 200 sunsetViewCity.jpg
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/ Frame 6490 60 KB
60 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/sunsetViewCity.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5449997ccd67d4aec4ee1211b97bd65eedb432b0ea66213d138fb7ced35ad37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61323
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/ Frame 6490 74 KB
74 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 25 May 2022 17:45:06 GMT
x-content-type-options: nosniff
age: 205334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 May 2023 17:45:06 GMT

GET
H3 200 introLogo.png
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/ Frame 6490 85 B
112 B 26ms
25ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/introLogo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/ Frame 6490 4 KB
4 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0745c1a7e9f5fdf0406dff02bd3dd9b9e502af9c1b7b5df02a7702ad7e200d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/index.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4390
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/fonts/ Frame 6490 26 KB
26 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16213087098698348818/Standard_970x250-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 22 May 2022 08:46:52 GMT
x-content-type-options: nosniff
age: 496828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 13:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 08:46:52 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 119E 35 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/mm6g5j4iuisi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 27 May 2022 16:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 16:30:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4D43 0
9 B 24ms
23ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Uvqu5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 28 May 2022 02:47:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 224C 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt33iN42RYrLWL42W9u8PgcSf8AYAAAAAOAHgBAI&bg=!ERKlElbNAAao8wy8iPM7ACkAdvg8Wsvn2n6j6FB_ldYhZ1G6BtHe5QgIo_HmlkoDY_OzP-0Hgto_jwIAAADnUgAAAAdoAQeZAyUmdGPkMezOaslr8dnavTWnrMXAX2swoWy725WAlvJyHKz8puZjyfGgBiNjhhh6lVPs-SwZfm3YG7wlHjWaqnZ3d6rqEAoSJGbh2jktZZZXNTCDfLCcCnco9ufPuCNm1WWDSjWh7wJ-7t-2Ov3f2BKdwIe60Ab-9R0L6FVUPPoh0Xh2b1aoMvduzUdgv0dY2onJFqYoiKMvQ4TITkfzDJ142DdPc2QdO7WHxG7rqv_wBKmUkH6HC49rLNxk447MOnGEU3NjrLwURF_HUIXKF6sM6bNHy2GlPU71LvPaRvA10ExAYaEtVxYuFbJbhAWGu9ToP2Kl-0rIfAiARJgMEdGbQfJUwW9S7ehoYRpqK-xo6capt415zvaTzKqW_aIB8Cj2Hhb_tHQO-cXvwYBgsxLYVdJ4Ru8DQUP6Xz0VX7_Qs-xggninxSYZdNAzsWLOMScrIG6MpFIK2JJoEeO0rPX3kPYIXAtweKhxuJGbiTk1mOCuJbaO2Lt72ZXSmO3OHGTZIqYbcMUrasKnBAbQlzuT0Giy8rlv3V9NTISnqAmBH4PvIpVuYLXDfwCx8nx1Erg-B2pxIn9O5yVY2avEU6MzY2wSbEfkgMtiZWwtAyS_59n-aOP1PgaV8I2oQv1GzDQeoqy11eIwqBMmoItuX5Gvr_Zg8ayJfpLQMaMNqfNiVXg8mjult4P5WIv3AQSGp-JN-W0ls89FBhAnTEYadTfovlcz2OcwEU46wuw7j1bs9NOY4pdkiQMrhVZo_1AJWszO2qo8X3028Vj4oOA-wLs8sue113gZraksGMA-MdCvXF5Q0es0FrEkgzpicG3-ubns15FTXcLbQTFhr2WFyJrSneEiqMzUXh52xoKdCFfRzpFiZeDm4BKtPTyfhkCSi0OtAF4kDPYMwf7Lipj0-Lbwk4edV80AFEhsTP0_nxU0Htj3taPgJ-nVYPEEA41e6SouAvMTEtTQ6Me6ar74SxsCWgpgj-Baea_qdkySvIsIP1FsvNdr8mxFWltn6NLlZ-r193cfJnfIn8vk1wPlpjztsLuEfWrdl7D1Yj0NlqXqy9g57y-T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB6F 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVQtZSe4A7Shry6PH4D0ZV8qUy07qLBJ7pfJ6J8pwyC7OKg0CaCA6Ks8JppASSO50FuO_U8jKAHvOgZOg6J4uiURA70kR4NfkE9ixqjD1yrfyVYoD6s6Q66ryJZBFd9TXa1kRJqgqNnTWyXvd8mdy7mKJb65SMaT0WPgVpHWUhWWeKKUbv&sai=AMfl-YTXro34M8a6yMk1MrUqJcgcPondnbYwLcRpFGeJiXNRgWkhwrOlhqOjViHITXjvLmcgiYpnvm3tdO5ss0M_9w3Y1gUM8GBUS4vRyrQ90-rXAAcs2cfEY7q83CwMRv4&sig=Cg0ArKJSzFWsyMcMfXWCEAE&id=lidar2&mcvt=1001&p=231,288,481,1258&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2327037617&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706040177&rpt=175&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052401&jk=1527260689355420&bg=!mZqlmt7NAAao8wy8iPM7ACkAdvg8WhuFAa-VwWnJcWXsT-RYH5PnM6t5ErfpuKwTYn1iwv12U--cMQIAAAGNUgAAAAJoAQcKAAo0w6msdvbaxuNxmQKNvNepwebe71q03Wc0F1faCrXZxHJwN-4VFslUpaa1LFt8Up0Pm0vsHT4hQzNRiqiVzd5tt9HAcEi45vs34MG1xzgHQQ024SArOyV6rCgQkRVgFcfZDiUgp55DENKjzM2YOLU4YgTPzRL1Mm1JAFjCoTS7KouvN9qLR1T2SPnDw88rt-C_7ItmWcqn5gkQmi55pqu0j9RHdsUQwtuB0UyFmh5mtWhFixafAl9buqGwDo2z0SZUlSolw-BtLQON5n9mDKVrvLZ9bf64YHA9vRq7BAuozgE3ib0xrdrXUiSb-mIyy619eoJb-e-Lzc2-xBDiCws2l5BCqnQgmKywLDZxo2urtTPcFTIhWtf1ytkfYqratHZaz69aAGmYoyeGwjaNZ2OwugOxkVfRiP3iF9MNVq_ibdGjzbCnHNB6mHWjdH-hFQ41P_Kp2Hd4W_yVvQUZn5qRfV2dJ0-tCJMxn2HLPyjvMGQJ7vS_A8G9CWT9toGPk6Mxa77SrzHgqTBLNE1bKQU-2QC5YSjyuCjwqsp6cWqVqeE0KjoVQa4NTEj70FYYoW4jWj6-MqOhHi0bYo5LyGOlXEFso54atRgCWXjT7EFgUnykUayTt3sUsAhzRAqTnCIyjmdOP5Exa8q5fQegs5cMpIBuBPlRbKLeJKbwdTvOuxy84NMzSWkVTzYku8hDvEdtH1xrOuVRpMojz9EEPDj5_cKHkhmdP4nbolvpaM69pKBVMIVE86lNSpkj__Nan0P8m40Yh_HHHmIetQeXNLoeEW_VOaFTHLPOFBTwcjpn5PLrPf-z7wDC78q0VLfVPQRw767RByH6UfthGgBTOG5eSRvQqC-_tLuscnjlnv7vXh7Jgvs4N8wCpBI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9CA6 0
0 52ms
52ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COO-7N42RYqfIMczc7_UPp6-8wAuciMqHYq-vmq3iC-v7uK3mJBABIJWbyiFglaqggrAHoAG84Z30A8gBA6kC3fH6XtEBsj7gAgCoAwGqBPwBT9DJ8oGE5S94zYrc4X6nCnswmHFYevMZEWBt4SS5tJJIPstAsKocjz7EcbnZzVb2MQV39qDXi2IFAUpCSUKvKVKklXNLlWuU5F7JlMJpwaVX_iXakt5Jg-zC4oLkIyEhNhNmB6BGEYU30GpgdTghZXO5KFqnFbPDgIK_2VViCUBHZkWY0j_SgT3xFD8kThY9J6l1xaOR8Xx815Ikp7GsSZLpSHoWj5eEl8sAVrKoEj6NmEs5cuqD8y1jW9nAbFSsj5JNh-3Ztjl6gFO7S5lGiPO3bHVvjYGeuzKszfWSKfzySn8Hq_7dstqvh8fPcDkY8L0nOAYrmmyh6jKHwAS7hNnmgwPgBAGgBgOAB6ye4guoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC43RPSCAkIgOGAEBABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=N95wxJhctCo&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CA6 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6t3cQ2qYBkoDvLGKLcxjbwnXmO9YDd_bh4JJrntBjhKH7l5saCzpbNRd8u8xW-p7yS1ZsDFphYtqDp8ioBwsrKliCrXvPOyLbLaX9OALinPbQIEhlhK9LbfDJh3TPEcCTzHrpGixip9Dclq6_mus6&sai=AMfl-YRDyCUcke1wZREaP278WOMSkty3MA0UkH2PGFplAx8PZ0rlELgmS2BQ8L1jk92XjwHOgAE0xdL-auoTJOJF_M6mFcAjS8f4k9_XJpo7&sig=Cg0ArKJSzD16L72FHGrAEAE&cid=CAQSLQCNIrLMoKaX7e7COHVaqeTLxkqpuKa8tL0eVe3WeXglebH206bZv3ZJzHXMiQ&id=lidar2&mcvt=1000&p=1089,298,1213,1303&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=4&adk=2840331734&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653706040110&rpt=320&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C645 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutZMQXyTro5fNoa-CDKMpCuLQILTcGnpgCuFZCyzOWmC5wRAYQ3fL14LV1ZCkqlCCGA_PX6s0GiyfIcQY1Z8tPtVUzflC81E4Z8rPExRZRe8lJdzOfdHNAj2GQ&sai=AMfl-YQi0QxDQF_MD0kC-S8X2d14RBfB8mGG9PlFbT2rukoX2GZKRDIlFNJO78HDT1tvfY9hk8snLNnrCeDDbquudXO8i8qb_iJwVg7N_nn4qS7IdvQp_nVkLyjZ9Cgr-xs0&sig=Cg0ArKJSzHGor8jzU5-hEAE&id=lidar2&mcvt=1001&p=699,288,963,1312&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1517400100&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706040099&rpt=318&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34F7 0
0 54ms
53ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCT77N42RYtexL8fP7_UP4tyj6AiD5e2lauy-n7OvD4iU-IezAhABIJWbyiFglaqggrAHoAH09_T-A8gBAakCE5AHDFACsj7gAgCoAwGqBP4BT9BiZAzzRi6TaiVG3wABGITNocTHqpRVmapEcxsUC5HUUkR6epdYmDvnwo7nQVDwp7cnKjTnO4qeX-OXLeFs27mPDbI1EZ_yD2r5WLMghyIb1_WaGe9H_aFxvX0JPac921npLBlY5lPVi4SwmBSQDhn1fJ5b8dFUiS_ZyuliSwjuR3IYVX3TY0UdmDHvk0XM_7Q2BCkEilljNagFEHAE2o8dlKxMWUT_IuyPUu5j-MbOr8gWBQ2Gu09bnWvJRCgBsJqfzlz5l9-JJlsI10FiIoPkyMCD3gwAPrgoYy1wv9wA51LQnxDMNJzApmp8NCpZ0FiDbpdAC5iVmunVD-vABKn_t9P_A-AEAYAH9IeLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJHpHNIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=nipw6nwn6PQ&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34F7 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgAqCpaxtzrGUahvtmcaaQ5WeQcoYEZwzULcyzFO0J3qb-2xVR-3svfrdJzH-aO_poB0RXdzSXJ8Y5YfA2706a7S5yzsX5jjVj61bbvPDmpR3HuaJlVBL8IXuAjrCA_HT7PmYYnu36r8bie2lQC_8&sai=AMfl-YRDknj_ssn3WV2BcpE4gkPTIaC2lPGtZcWD-euIbvZWsRNHHjpTmNiJCijSd-W8v3T-XUhw7BF8eveLvo0eau4hIqW1lovOGS8ZNOA9mtaD7Pz9_LxMBnq7oRigkfA&sig=Cg0ArKJSzBDsFFrh05HbEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3551285455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653706040033&rpt=839&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Sat, 28 May 2022 02:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 0CA2 0
295 B 23ms
8ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=2f595697668c45099b099f543fd56509&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=114&eoid=9&msrjs=2767&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=123&tetms=7&msltms=96&vltms=114&sei=290&vetms=59&engms=1&engisel=1&ttfurm=2199&cbust=1653706042982639
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 Surbiton, United Kingdom, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 28 May 2022 02:47:23 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 05/27/2022 02:47:23

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 0CA2 0
295 B 8ms
8ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=2f595697668c45099b099f543fd56509&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=11&ismms=36&isumms=35&isvelg=1&nvr=6&elmtp=1&isbxdms=2235&b0=100&b11=2212&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&vsos=13&dvp_vsosnmr=16&lftb=2312&sftb=2312&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1035&isuiabvms=1035&ispmxpms=1035&iscvmvms=1035&engalms=34&engscrlms=146&dvp_pageEng=true&cbust=1653706043981781
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 Surbiton, United Kingdom, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 28 May 2022 02:46:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 05/27/2022 02:47:23

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: file-upload.site
URL: https://file-upload.site/page.js

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.com/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.com/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Sat May 28 2022 02:48:18 GMT+0000 (GMT), path=/
freychang.fun/	1970-01-20 12:00:10	Name: csu Value: 1092220904164372@1@1653706038
live.demand.supply/	1970-01-20 20:52:58	Name: demandSupplyTi Value: a3431406-2630-41fc-b813-63dda0cdd3fe
.mobilesafe.shop/	1970-01-20 20:52:58	Name: _ga Value: GA1.2.1040873624.1653706039
.mobilesafe.shop/	1970-01-20 03:23:12	Name: _gid Value: GA1.2.1965601580.1653706039
.mobilesafe.shop/	1970-01-20 03:21:46	Name: _gat_gtag_UA_126662314_1 Value: 1
.mobilesafe.shop/	1970-01-20 12:43:22	Name: __gads Value: ID=60dfccd3d38e71a6:T=1653706039:S=ALNI_MZxjbKMt2a5Y2Xf-JSO1neeHsygKA
.doubleclick.net/	1970-01-20 12:43:22	Name: IDE Value: AHWqTUnEvehhTtgOBxRvx5Ds4EJS8x3PekXmgMg8Txgqgd-3wK9ragbN6SRxl8LVXjs

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S789494955%3A1653706038640235&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCczgTL4pd9eTkVjBLQ4ZVXAqts64SvWBjK8fsad4KJZ5Kc63UI1vtvhzTJDqq0D8A_j4viRKoQ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
api.demand.supply
be71655e5b2433653905c0528bbb6c8c.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.id5-sync.com
certify-js.alexametrics.com
connect.facebook.net
d26adrx9c3n0mq.cloudfront.net
denknowled.xyz
dinterperson.xyz
elementalantecedent.com
file-upload.site
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id5-sync.com
images.dmca.com
live.demand.supply
mobilesafe.shop
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
www.facebook.com
www.file-upload.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
file-upload.site
www.file-upload.com
108.156.46.17
141.95.98.65
142.250.181.226
151.139.242.29
172.217.16.130
188.114.96.3
192.243.59.13
213.254.244.105
2600:9000:214f:5000:b:b271:7c80:21
2606:4700:3030::ac43:dadd
2606:4700::6810:8516
2606:4700::6810:8616
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200d
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a02:26f0:b600:182::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
46.105.202.126
66.29.132.14
99.86.4.90
011215a968074cd59e40d2c863e97d0e716b33f112911875150de317831c1029
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af
074c7945755818cd49e9ae374a5b152cbe2531fc772f9f86d487582d444ff729
0a57e7ab3a93a61cdcd828a13121a2daa341cd689adc76b653ab12c6cbd185ab
0a978fcb8023f8ce2145635284b846bf5800ad3472f98735ee7a00f820bd4529
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1227caa7198772d9b01fe642a882a5359d4ad555e7220dd6b6bfaa4670b60675
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
178fd25a165892e41108f547a0386f1b4442262b632552a36d566bc43c442394
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a02b783fe60f7e2ba374d4d7933151596bfacd423db5d51e94de73d2b0e5208
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1c5f78fe8666aca23d1081848a3c6f4862e5e4804bb000b57f45cf4eac46bbc3
1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d
25410b6356daa907ad89631faa264041ce20de666efb3cb71af591e3fbdd343c
275210c5abf2c364d73c8f6c630bb2c60b291c477d25838e9f24bccabd87aa95
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3784df3b4613476a485f35df58646968ffc0a97b34c3e542619c86e496485d63
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
41824ba53343a44e3df59e89555ff9f47c84b14ad4bea9f50b5b67deeac4db2d
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47fc2aaa0e149108bb772913151807fcefa62caa151cc56e69e873e818dcfe08
488a06e189f31a2039ad62baa5ca2758ff215d12471058bdd6fc7b50c05eee8a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52ff20bf8cee0b6f499062d8f9289699fb52925d76f7ff13bc9c502d181bac70
5449997ccd67d4aec4ee1211b97bd65eedb432b0ea66213d138fb7ced35ad37f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c7a8ce7d8d30ca87e7c1d0d71bdfbf5ddcc5be116efab148f44dce180d376b
55d6e42bbbe7490d3212a9f3007d1f50887331885c471ade766f5e84d897912b
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6100369234d25286a631cd31a426c776e1a9c310721f488474968b46cb1f859f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d
62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
6f8a8dee0a0342f6a07d2e7523f35a77e9b4ea9405b44674d3eada33bc289c6c
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
777cc4b772543f6674ef8eac6394720f93ba49ef1bf7a7afe815974bb44e1de6
7a206185c3c33dcf0451623d39a10c57e882d5dcdd40b51bd3366567d5a41898
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
81e1cfa3d7d84ee85ec93158371e929dbc067311b76d83a053d4f377f5608da1
8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7
8aead2a33a2fadd7deb6b4c0cd31756073b30cc5aae342be2ab35cfaa78e54bf
907744beb792d619322656bd0a8874bbae50e03e646fd9a9539b758bf3e0a204
94ebf24e6b2b935e0885ad3454b4d85f1a460b96f38adbac75943008d94da563
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
a0745c1a7e9f5fdf0406dff02bd3dd9b9e502af9c1b7b5df02a7702ad7e200d0
a0854051280a3150d292867b602f37bd22bc38419f49eace29f36885b66e62f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bea1f2e1b6c000d5289dd1de1a9475c9245d3afe0a021ece086400dccdca1d42
bf3c338385eb2b34eef4e6fd197550a02c09acdf5c78f3bbcf804471ab8413e5
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c1e57e3de70c1b82b3194e07a17d8660c19f376d463f9250b263e398e42f6c4b
c2e2b8c49b6d48e9d383200873172fe49e32381b180ded623dfd1e5ab27b5cf2
c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a
c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
cf49fc361a840ed23a9d4aa0d4d90753d84308079e887fce936b69f0be4eebea
d2aa4e0589e0d9a540fef953168faf49d1f9340c968e03de4035d2616774ea2b
d9da6afbf3c3c84127d6fc720975d4faa27d2bb7503aec74e3b5658bdcd7926a
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dd6607c932d8e4d677e1e1646485ad450057f573eb17b0ad3ab309e160bd81c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
ef06cef118aebe8b298f181787352fdf1cee7a18716c249aabf40d0258d90ea7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57bcee742241e34423cb12fdbcb8d3a7efe88c738cc0146434591b50467c535
f6b39d4afbea69d5d0ab26457f722dad72bdde2e188cf8e7536c53bc22384b27
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
ff7b5000510129dd5eed4ff3f6a0a9680bb1222be55fe6a1b4c0c35899e88533

mobilesafe.shop Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

98 %HTTPS

68 %IPv6

25 Domains

37 Subdomains

35 IPs

6 Countries

3467 kBTransfer

6995 kBSize

9 Cookies

31 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

98 %
HTTPS

68 %
IPv6

25
Domains

37
Subdomains

35
IPs

6
Countries

3467 kB
Transfer

6995 kB
Size

9
Cookies

206 HTTP transactions
2 data transactions