urlscan.io logo urlscan.io
SecurityTrails logo

dfiles.eu Open in urlscan Pro
94.242.227.151  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://depositfiles.com/files/58oyyhubm
Effective URL: https://dfiles.eu/files/58oyyhubm
Submission: On June 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 9 countries across 55 domains to perform 167 HTTP transactions. The main IP is 94.242.227.151, located in Luxembourg and belongs to ROOT, LU. The main domain is dfiles.eu.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2021. Valid for: a year.
This is the only time dfiles.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 94.242.227.135 5577 (ROOT)
1 94.242.227.151 5577 (ROOT)
10 94.242.227.224 5577 (ROOT)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
3 213.174.135.24 39572 (ADVANCEDH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 15 94.242.236.53 5577 (ROOT)
1 213.174.135.25 39572 (ADVANCEDH...)
16 104.19.131.80 13335 (CLOUDFLAR...)
5 104.19.136.78 13335 (CLOUDFLAR...)
16 13.224.193.65 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
2 104.19.132.78 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.19.137.80 13335 (CLOUDFLAR...)
1 3 65.9.77.30 16509 (AMAZON-02)
6 104.19.138.80 13335 (CLOUDFLAR...)
2 52.34.145.6 16509 (AMAZON-02)
2 5 35.244.159.8 15169 (GOOGLE)
1 185.86.138.32 201081 (SMARTADSE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 8 37.252.172.249 29990 (ASN-APPNEX)
4 4 13.248.242.197 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.254.209.142 16509 (AMAZON-02)
16 199.232.137.44 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a04:4e42:3::300 54113 (FASTLY)
2 9 141.226.228.48 200478 (TABOOLA-AS)
1 1 213.254.244.19 36062 (DOUBLE-VE...)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 213.254.244.25 3257 (GTT-BACKB...)
1 54.72.232.11 16509 (AMAZON-02)
1 2 142.250.185.102 15169 (GOOGLE)
2 2 84.200.5.215 31400 (ACCELERAT...)
1 1 46.4.62.19 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
2 4 185.64.190.79 62713 (AS-PUBMATIC)
10 11 142.250.185.226 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 185.86.138.143 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
6 7 51.195.5.40 16276 (OVH)
2 2 35.227.248.159 15169 (GOOGLE)
2 2 35.156.198.184 16509 (AMAZON-02)
1 1 54.77.47.243 16509 (AMAZON-02)
2 2 51.38.250.95 16276 (OVH)
4 4 51.75.198.14 16276 (OVH)
1 1 172.104.64.149 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 52.28.82.26 16509 (AMAZON-02)
2 2 3.127.166.11 16509 (AMAZON-02)
2 2 18.185.197.81 16509 (AMAZON-02)
2 2 23.111.200.118 7979 (SERVERS-COM)
1 52.207.161.225 14618 (AMAZON-AES)
1 2 35.157.83.29 16509 (AMAZON-02)
1 2.18.232.130 16625 (AKAMAI-AS)
1 141.226.224.32 200478 (TABOOLA-AS)
167 53
2    94.242.227.135 (Luxembourg)

ASN5577 (ROOT, LU)
depositfiles.com
1    94.242.227.151 (Luxembourg)

ASN5577 (ROOT, LU)
PTR: ip-static-94-242-227-151.server.lu
dfiles.eu
10    94.242.227.224 (Luxembourg)

ASN5577 (ROOT, LU)
PTR: ip-static-94-242-227-224.server.lu
static.depositfiles.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:20::681a:686 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.unblockia.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
distinctleftmargaret.com
3    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pw.wpu.sh
js.wpushsdk.com
3    2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.engine.4dsply.com
engine.4dsply.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
15    94.242.236.53 (Luxembourg)

ASN5577 (ROOT, LU)
PTR: ip-static-94-242-236-53.server.lu
adsbb.dfiles.eu
1    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
vasgenerete.site
16    104.19.131.80 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
cm.adskeeper.co.uk
s-img.adskeeper.co.uk
5    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
16    13.224.193.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-65.fra2.r.cloudfront.net
adpatrof.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
1    2a02:26f0:64::215:f2cc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
2    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
3    2606:4700:10::6816:3181 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
1    2606:4700:3032::ac43:9028 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    104.19.137.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.steepto.com
3    65.9.77.30 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
6    104.19.138.80 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.steepto.com
2    52.34.145.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
exchange.adtrue.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
1    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    2606:4700:3037::ac43:d405 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
1    34.254.209.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-209-142.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
16    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
images.taboola.com
match.taboola.com
2    2606:4700:3038::6815:eb9b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
6    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
pips.taboola.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
1    213.254.244.19 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
1    2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    213.254.244.25 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps20238.doubleverify.com
1    54.72.232.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
partner.blau.de
1    82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
portal.blau.de
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
11    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    51.195.5.40 (France)

ASN16276 (OVH, FR)
id5-sync.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    35.156.198.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    51.38.250.95 (France)

ASN16276 (OVH, FR)
p.crm4d.com
4    51.75.198.14 (France)

ASN16276 (OVH, FR)
cookie-matching.mediarithmics.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    52.28.82.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    3.127.166.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
2    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    52.207.161.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
2    35.157.83.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
32 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
images.taboola.com
sync.taboola.com
sync-t1.taboola.com
match.taboola.com
pips.taboola.com
cds.taboola.com
191 KB
16 adpatrof.com
adpatrof.com
131 KB
16 adskeeper.co.uk
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
cm.adskeeper.co.uk
s-img.adskeeper.co.uk
122 KB
16 dfiles.eu
dfiles.eu
adsbb.dfiles.eu
349 KB
13 doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
3 KB
12 adpone.com
hb.adpone.com
1 MB
12 depositfiles.com
depositfiles.com
static.depositfiles.com
598 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
23 KB
9 steepto.com
cm.steepto.com
s-img.steepto.com
78 KB
7 id5-sync.com
id5-sync.com
10 KB
7 pubmatic.com
hbopenbid.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
2 KB
7 mgid.com
jsc.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
72 KB
5 openx.net
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
1 KB
5 adtrue.com
cdn.adtrue.com
exchange.adtrue.com
89 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com
2 KB
4 adsrvr.org
match.adsrvr.org
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 doubleverify.com
tps.doubleverify.com
cdn.doubleverify.com
tps20238.doubleverify.com
953 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
168 KB
3 4dsply.com
cdn.engine.4dsply.com
engine.4dsply.com
124 KB
2 3lift.com
eb2.3lift.com
738 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 perf-serving.com
prod.perf-serving.com
1 KB
2 crm4d.com
p.crm4d.com
991 B
2 360yield.com
ice.360yield.com
1015 B
2 tapad.com
pixel.tapad.com
932 B
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 cdn-adtrue.com
cdn-adtrue.com
28 KB
2 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
1017 B
2 wpushsdk.com
js.wpushsdk.com
33 KB
1 postrelease.com
jadserve.postrelease.com
428 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
361 B
1 gumgum.com
rtb.gumgum.com
304 B
1 criteo.com
dis.criteo.com
546 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 lead-alliance.net
www.lead-alliance.net
541 B
1 telefonica-partner.de
www.telefonica-partner.de
191 B
1 krxd.net
beacon.krxd.net
338 B
1 adomik.com
projectagora-483829-hdb.adomik.com
103 B
1 projectagoralibs.com
projectagoralibs.com
2 KB
1 googlesyndication.com
pagead2.googlesyndication.com
1 projectagora.net
projectagora.net
103 KB
1 projectagoraservices.com
ads.projectagoraservices.com
4 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 vasgenerete.site
vasgenerete.site
198 B
1 wpu.sh
pw.wpu.sh
25 KB
1 distinctleftmargaret.com
distinctleftmargaret.com
1 unblockia.com
cdn.unblockia.com
14 KB
1 google.com
www.google.com
577 B
167 55
Domain Requested by
16 adpatrof.com adsbb.dfiles.eu
adpatrof.com
15 adsbb.dfiles.eu 4 redirects static.depositfiles.com
adsbb.dfiles.eu
12 hb.adpone.com adpatrof.com
11 cm.g.doubleclick.net 10 redirects
10 static.depositfiles.com dfiles.eu
static.depositfiles.com
9 cdn.taboola.com adpatrof.com
cdn.taboola.com
8 ib.adnxs.com 3 redirects projectagora.net
cdn.adtrue.com
acdn.adnxs.com
8 s-img.adskeeper.co.uk adsbb.dfiles.eu
7 id5-sync.com 6 redirects
6 sync.taboola.com 2 redirects
6 images.taboola.com adpatrof.com
6 s-img.steepto.com dfiles.eu
5 trc.taboola.com cdn.taboola.com
4 cookie-matching.mediarithmics.com 4 redirects
4 image8.pubmatic.com 2 redirects
4 match.adsrvr.org 4 redirects
4 c.mgid.com jsc.mgid.com
dfiles.eu
3 x.bidswitch.net 3 redirects
3 sb.scorecardresearch.com 1 redirects jsc.mgid.com
dfiles.eu
3 cm.steepto.com adsbb.dfiles.eu
jsc.mgid.com
3 cdn.adtrue.com adpatrof.com
exchange.adtrue.com
dfiles.eu
2 eb2.3lift.com 1 redirects
2 ads.betweendigital.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 prod.perf-serving.com 2 redirects
2 p.crm4d.com 2 redirects
2 ice.360yield.com 2 redirects
2 pixel.tapad.com 2 redirects
2 sync-t1.taboola.com
2 ce.lijit.com 1 redirects
2 bh.contextweb.com 1 redirects
2 eu-u.openx.net 2 redirects
2 ad.doubleclick.net 1 redirects
2 cdn-adtrue.com exchange.adtrue.com
adpatrof.com
2 exchange.adtrue.com dfiles.eu
cdn.adtrue.com
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 fonts.gstatic.com fonts.googleapis.com
adsbb.dfiles.eu
2 cdn.adskeeper.co.uk adsbb.dfiles.eu
2 c.adskeeper.co.uk jsc.adskeeper.co.uk
2 js.wpushsdk.com pw.wpu.sh
js.wpushsdk.com
2 cdn.engine.4dsply.com dfiles.eu
cdn.engine.4dsply.com
2 depositfiles.com 2 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 acdn.adnxs.com cdn.adtrue.com
1 jadserve.postrelease.com
1 u.openx.net
1 match.taboola.com
1 bttrack.com
1 s.c.appier.net 1 redirects
1 rtb.gumgum.com 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com 1 redirects
1 pixel.rubiconproject.com
1 us-u.openx.net
1 image2.pubmatic.com 1 redirects
1 portal.blau.de
1 partner.blau.de 1 redirects
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 beacon.krxd.net
1 tps20238.doubleverify.com
1 cdn.doubleverify.com 1 redirects
1 tps.doubleverify.com 1 redirects
1 trc-events.taboola.com
1 projectagora-483829-hdb.adomik.com dfiles.eu
1 projectagoralibs.com ads.projectagoraservices.com
1 cm.mgid.com dfiles.eu
1 hbopenbid.pubmatic.com projectagora.net
1 prg.smartadserver.com projectagora.net
1 projectagora-d.openx.net projectagora.net
1 pagead2.googlesyndication.com cdn.unblockia.com
1 projectagora.net ads.projectagoraservices.com
1 ads.projectagoraservices.com adpatrof.com
1 servicer.mgid.com jsc.mgid.com
1 engine.4dsply.com cdn.engine.4dsply.com
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 fonts.googleapis.com adsbb.dfiles.eu
1 jsc.mgid.com adsbb.dfiles.eu
1 jsc.adskeeper.co.uk adsbb.dfiles.eu
1 vasgenerete.site js.wpushsdk.com
1 www.gstatic.com www.google.com
1 pw.wpu.sh dfiles.eu
1 distinctleftmargaret.com dfiles.eu
1 cdn.unblockia.com dfiles.eu
1 www.google.com dfiles.eu
1 dfiles.eu
167 89

This site contains no links.

Subject Issuer Validity Valid
*.dfiles.eu
Sectigo RSA Domain Validation Secure Server CA		 2021-06-29 -
2022-07-29		 a year crt.sh
*.depositfiles.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-07 -
2021-10-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-13 -
2022-06-12		 a year crt.sh
distinctleftmargaret.com
R3		 2021-06-25 -
2021-09-23		 3 months crt.sh
pw.wpu.sh
R3		 2021-05-21 -
2021-08-19		 3 months crt.sh
4dsply.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
js.wpushsdk.com
R3		 2021-05-07 -
2021-08-05		 3 months crt.sh
vasgenerete.site
R3		 2021-06-26 -
2021-09-24		 3 months crt.sh
adpatrof.com
Amazon		 2020-09-24 -
2021-10-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
paadserver.projectagora.info
R3		 2021-05-06 -
2021-08-04		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2019-11-05 -
2021-12-13		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh

This page contains 27 frames:

Primary Page: https://dfiles.eu/files/58oyyhubm
Frame ID: C83A962A214AC18FA82042E0BA53BE00
Requests: 23 HTTP requests in this frame

Frame: https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Frame ID: F9C603E67C1F85D4A2E56EB61E7A43C8
Requests: 14 HTTP requests in this frame

Frame: https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Frame ID: FA55D0A65AC92CBC7E9E0DD1E7979528
Requests: 2 HTTP requests in this frame

Frame: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Frame ID: 1C00789121730D41CF8D0C9583F4F7D1
Requests: 5 HTTP requests in this frame

Frame: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Frame ID: B9C85C202D8C8AD5038B92B0801F7E8C
Requests: 22 HTTP requests in this frame

Frame: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Frame ID: 3F911430BFA6A9E7E7114FBF7CE7A159
Requests: 7 HTTP requests in this frame

Frame: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb0&cb=8184011624985620819
Frame ID: 831CDF11586CC397B1CE70E61EB6AF63
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560019&cb=5642191624985620822
Frame ID: 251A2D91584FD541F0C65E270F49DA0A
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=4733131624985620828
Frame ID: 5C81627BBF52E6DC9FA3F06C0D7BFCEE
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0594051624985620831
Frame ID: 07ACF95BD9CFF57BD91B5B97EEB7E460
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec39&cb=0831961624985620838
Frame ID: C86AE951E7191F6B9F12E3D7D88CC262
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=8164331624985620846
Frame ID: 516BA2AF41BDD5CB693E1E1B9DD57E3A
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Frame ID: E6E8673C308179C62E4F380AE42FCE10
Requests: 10 HTTP requests in this frame

Frame: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b131&cb=2580511624985620849
Frame ID: 64CA5AA781BFF387AC091E0A7B012AD8
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=3556161624985620850
Frame ID: 41C57951B4673CEBACCA00D41911BA25
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a5&cb=9189031624985620852
Frame ID: 19A0EBBB082FBB9B389F17C6641D9989
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc879&cb=4878661624985620854
Frame ID: A2E5CDD59A14B7ACBFEB3B9952B53E41
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515689&cb=8897671624985620856
Frame ID: DE6BA810B27585CD0DC1AF4E1CF73181
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5289&cb=6150781624985620857
Frame ID: E14D92589E498C86289BA5E1C6AB657D
Requests: 2 HTTP requests in this frame

Frame: https://adpatrof.com/stats?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=2611351624985620858
Frame ID: 3DEEF74094662D7EA40362860D2E5B13
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1624985620909912239047
Frame ID: 2653D9E02AD52B869B4601A508875850
Requests: 1 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1624985621207409241673
Frame ID: 3289F89D2CEB9A5C28A389F766094877
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=2349454042&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/
Frame ID: EAA6947743E46121C75E300E857CD1D3
Requests: 4 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 40F139333B498806945A7A80218A7614
Requests: 26 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 0DE1849083C0EA47262095BA2AF1A584
Requests: 3 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 263A09661E402BC221F7B018C03510A4
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E355E685A8089B2A1AC97EF368B2FEA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://depositfiles.com/files/58oyyhubm HTTP 302
    https://depositfiles.com/files/58oyyhubm HTTP 302
    https://dfiles.eu/files/58oyyhubm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

167
Requests

100 %
HTTPS

21 %
IPv6

55
Domains

89
Subdomains

53
IPs

9
Countries

3210 kB
Transfer

7937 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://depositfiles.com/files/58oyyhubm HTTP 302
    https://depositfiles.com/files/58oyyhubm HTTP 302
    https://dfiles.eu/files/58oyyhubm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://adsbb.dfiles.eu//ad.php?z=56&c=FR HTTP 303
  • https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Request Chain 17
  • https://adsbb.dfiles.eu//ad.php?z=7&c=FR&g=no_file&u=60db50139059b-13574526 HTTP 303
  • https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Request Chain 18
  • https://adsbb.dfiles.eu//ad.php?z=58&c=FR&g=no_file HTTP 303
  • https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Request Chain 19
  • https://adsbb.dfiles.eu//ad.php?z=60&c=FR HTTP 303
  • https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Request Chain 104
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&c9=https%3A%2F%2Fdfiles.eu%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&c9=https%3A%2F%2Fdfiles.eu%2F
Request Chain 105
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=8f6a5247-60fe-4bf4-8585-233473e657f5&ttl=1627577621
Request Chain 125
  • https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25707541&sid=5791742&plc=306702350&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img& HTTP 302
  • https://cdn.doubleverify.com/redirect/?host=tps20238&param=akipv6&impid=fcbd44afa3ae4474bbf93a26090ed5e9 HTTP 302
  • https://tps20238.doubleverify.com/event.png?impid=fcbd44afa3ae4474bbf93a26090ed5e9&akipv6=2a01:4f8:121:131a::2
Request Chain 127
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=adpatrof.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_pre=CMuBvpanvfECFU4L4AodY8YBPw;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=adpatrof.com
Request Chain 128
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021062918534252147602417X117667V1225131106MStabnat_Pros_Desk_Generic_view HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021062918534252147602417X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Request Chain 138
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg2M0VEREUtNUE4OS00RDk0LUIzMzYtQzMwMUNDODFEMjhG&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg2M0VEREUtNUE4OS00RDk0LUIzMzYtQzMwMUNDODFEMjhG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 139
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF68mweAH6aPyS8ghl3SbjU&google_cver=1
Request Chain 141
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9SvRcqgotbGW&ev=1&orig=trc&pid=562107
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIhR31Ow9A_-1cAmQE9KQ10&google_cver=1
Request Chain 144
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596:$UID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 145
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cbfef4aa-1f6f-4189-93a0-e147c490a734
Request Chain 147
  • https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 151
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d2083a1a-a283-4f0f-8dae-174b607c3bf5
Request Chain 152
  • https://id5-sync.com/s/464/9.gif?puid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/6/2.gif?puid=df715faa-098f-47ba-b8bc-0f50fc8e9456&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMORNNymTIWiShVt0HdlEr1HpKYHU1lc6j7ksqkLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMORNNymTIWiShVt0HdlEr1HpKYHU1lc6j7ksqkLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/5/3.gif?puid=12697f33-6600-4f2d-8b90-1e9c920d01d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/4/4.gif?puid=e_8f34eb42-e1fb-4470-b6c2-9ca490974ea6&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
  • https://id5-sync.com/c/464/9/3/5.gif?puid=_0zWnNCalOwGWOxVgmLgw8ugIkpTAQBfgxrn4Ko2udc&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDv6AQNeabETwZsJ7SONK-g&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDv6AQNeabETwZsJ7SONK-g&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4741765832791749013&opid=apx&ops=&utidl=tech:goo:CAESEDv6AQNeabETwZsJ7SONK-g&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18324028428&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Request Chain 153
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ttns9wiPCkaGEcRBGVDbYA
Request Chain 155
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=1bb9670c-8207-4a62-9e2a-2d38af2e5af6&ssp=taboola&user_group=1 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1b7a8e98-1164-4972-9f8b-1092244b1d35
Request Chain 156
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&tbid=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598&query=taboola_hm%3D8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&isDirect=0
Request Chain 158
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4245f37-0eeb-51b4-b12b-ed03d1f0bd1a
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=bwS_AfiBQ0-nS4O_VA4sJA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596%26ui%3DbwS_AfiBQ0-nS4O_VA4sJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc=&google_hm=bwS_AfiBQ0-nS4O_VA4sJA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596%26ui%3DbwS_AfiBQ0-nS4O_VA4sJA&google_tc= HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&ui=bwS_AfiBQ0-nS4O_VA4sJA
Request Chain 161
  • https://eb2.3lift.com/xuid?mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Request Chain 164
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 167
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

167 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 58oyyhubm
dfiles.eu/files/
Redirect Chain
  • http://depositfiles.com/files/58oyyhubm
  • https://depositfiles.com/files/58oyyhubm
  • https://dfiles.eu/files/58oyyhubm
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-151.server.lu
Software
nginx /
Resource Hash
90d2b1a223b28411e21ab33aed497388d25b5e4ae56444e4ecbbca0bda42ec1c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
dfiles.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uprand=01aa51095722fe23cb3b6a1afdc7764d; path=/; domain=.dfiles.eu last_file=58oyyhubm; path=/; domain=.dfiles.eu lang_current=en; expires=Wed, 29-Jun-2022 16:53:39 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Location
//dfiles.eu/files/58oyyhubm
main.css
static.depositfiles.com/css/ 		190 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.depositfiles.com/css/main.css
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 16:16:12 GMT
Server
nginx
ETag
W/"606b37cc-2f719"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=300
Connection
keep-alive
Expires
Tue, 29 Jun 2021 16:58:39 GMT
base2.js
static.depositfiles.com/js/ 		390 KB
390 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.depositfiles.com/js/base2.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:39 GMT
Last-Modified
Mon, 01 Apr 2019 16:12:08 GMT
Server
nginx
ETag
"5ca23858-6164f"
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
398927
Expires
Tue, 29 Jun 2021 16:58:39 GMT
jquery.validate.js
static.depositfiles.com/js/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.depositfiles.com/js/jquery.validate.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:39 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:43 GMT
Server
nginx
ETag
"59fb0dd7-957d"
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38269
Expires
Tue, 29 Jun 2021 16:58:39 GMT
function.js
static.depositfiles.com/js/ 		34 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.depositfiles.com/js/function.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:39 GMT
Last-Modified
Sun, 29 Apr 2018 18:38:58 GMT
Server
nginx
ETag
"5ae61142-8863"
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34915
Expires
Tue, 29 Jun 2021 16:58:39 GMT
api.js
www.google.com/recaptcha/ 		850 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd79c3ca06671f1088754dc301596e1b75d56fed54ec18956166ebd741fb7c72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Tue, 29 Jun 2021 16:53:39 GMT
h.js
cdn.unblockia.com/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
880aa4caeabce90b6e4a16e7a564676bd8c12c96fbc12e233feeb9dea71e51a5

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1517
x-amz-request-id
Z3HS0D6GNW55F08G
x-amz-id-2
cvciS1K5imS1lxsRa7bzD1OLsSwwSP04PjRqNUVhrFoTY8ybIZ3atCO0hBZlGKnfYn0HvZXDJSs=
last-modified
Mon, 28 Jun 2021 15:50:47 GMT
server
cloudflare
etag
W/"d7b9bf7c91b9d408743981ab7fc38f1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4tB3EDIfsWqhWKM96FTILRkX53MoBKkFD5Wp7owiio3G%2FN2UvBhSFKVRgX9t7DsitnhZKhetrlBau8M%2BTeU2iYsCt8q6I2Ea4Q3ZnfbGnlPaxSB03poadsVXvXbm9F9RTAmYg1gw%2BxvUrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-request-id
0afa49e62d0000175a118ac000000001
cf-ray
6670ac1d0d3b175a-FRA
224ad4a14b4b15c1726ff705ec672ea6.js
distinctleftmargaret.com/22/4a/d4/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://distinctleftmargaret.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Jun 2021 16:53:39 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
main.js
pw.wpu.sh/script/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pw.wpu.sh/script/main.js?promo=22321&tcid=411&src=1926257466
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
054bde4e1d273cd088678aeff7956ce65f606431632cfc2196020b1160fb9998

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Jun 2021 17:53:40 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
logo.png
static.depositfiles.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/logo.png
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:43 GMT
Server
nginx
ETag
"59fb0dd7-e27"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3623
sprite.png
static.depositfiles.com/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/sprite.png
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:42 GMT
Server
nginx
ETag
"59fb0dd6-8fc2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36802
member_menu_bg.gif
static.depositfiles.com/images/ 		78 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/member_menu_bg.gif
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:42 GMT
Server
nginx
ETag
"59fb0dd6-4e"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78
Expires
Sun, 04 Jul 2021 16:53:40 GMT
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6c35f5b8233770e72198d8656dba0631e58e70e5da9fdac1b1601be627cac364

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
public, no-transform, max-age=900
cf-ray
6670ac1d3d231f31-FRA
content-type
application/x-javascript; charset=utf-8
cf-request-id
0afa49e64500001f319da00000000001
timer.gif
static.depositfiles.com/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/timer.gif
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:43 GMT
Server
nginx
ETag
"59fb0dd7-2d57"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11607
Expires
Sun, 04 Jul 2021 16:53:40 GMT
lang24.png
static.depositfiles.com/images/flags/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/flags/lang24.png
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 14 May 2020 09:52:24 GMT
Server
nginx
ETag
"5ebd14d8-23d4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9172
recaptcha__en.js
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dfiles.eu
Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135608
x-xss-protection
0
last-modified
Mon, 21 Jun 2021 04:05:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 15:11:22 GMT
sprite16.png
static.depositfiles.com/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.depositfiles.com/images/sprite16.png
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.227.224 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-227-224.server.lu
Software
nginx /
Resource Hash
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1

Request headers

Referer
https://static.depositfiles.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:40 GMT
Last-Modified
Thu, 02 Nov 2017 12:21:42 GMT
Server
nginx
ETag
"59fb0dd6-6f55"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28501
ad24982685d6c5ba.htm
adsbb.dfiles.eu/upload/1612/ Frame F9C6
Redirect Chain
  • https://adsbb.dfiles.eu//ad.php?z=56&c=FR
  • https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/js/base2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
f97f2c646f357421f6defbeec783cedef9c6cb4b32e6e817e43ee012433ae498

Request headers

Host
adsbb.dfiles.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dfiles.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uprand=01aa51095722fe23cb3b6a1afdc7764d; last_file=58oyyhubm; lang_current=en; _nf56=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Last-Modified
Tue, 29 Jun 2021 16:50:01 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.30-0+deb8u1
Set-Cookie
_nf56=1; expires=Wed, 30-Jun-2021 16:53:40 GMT; Max-Age=86400
Location
/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
ad252327187929ca.htm
adsbb.dfiles.eu/upload/2007/ Frame FA55
Redirect Chain
  • https://adsbb.dfiles.eu//ad.php?z=7&c=FR&g=no_file&u=60db50139059b-13574526
  • https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/js/base2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
dffcc8ec04ad96200140722be4f3e86113c2b71771d71a8024eac40356389b51

Request headers

Host
adsbb.dfiles.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dfiles.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uprand=01aa51095722fe23cb3b6a1afdc7764d; last_file=58oyyhubm; lang_current=en; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Last-Modified
Tue, 29 Jun 2021 16:50:01 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.30-0+deb8u1
Set-Cookie
_nf7=1; expires=Wed, 30-Jun-2021 16:53:40 GMT; Max-Age=86400
Location
/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
ad274029466c5257.htm
adsbb.dfiles.eu/upload/2006/ Frame 1C00
Redirect Chain
  • https://adsbb.dfiles.eu//ad.php?z=58&c=FR&g=no_file
  • https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/js/base2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
584808a06bdf4747c98bc2ff989224cbc10dc7e1b6e5cf3fe2d07f4472fcd6d1

Request headers

Host
adsbb.dfiles.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dfiles.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uprand=01aa51095722fe23cb3b6a1afdc7764d; last_file=58oyyhubm; lang_current=en; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Last-Modified
Tue, 29 Jun 2021 16:50:01 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.30-0+deb8u1
Set-Cookie
_nf58=1; expires=Wed, 30-Jun-2021 16:53:40 GMT; Max-Age=86400
Location
/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
ad27362942ab8f36.htm
adsbb.dfiles.eu/upload/2005/ Frame B9C8
Redirect Chain
  • https://adsbb.dfiles.eu//ad.php?z=60&c=FR
  • https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
1 KB
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Requested by
Host: static.depositfiles.com
URL: https://static.depositfiles.com/js/base2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
2b7ce691506fa54092b36dd770aaca56bc76be8e1d76f238681190b94724f1e5

Request headers

Host
adsbb.dfiles.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dfiles.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uprand=01aa51095722fe23cb3b6a1afdc7764d; last_file=58oyyhubm; lang_current=en; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Last-Modified
Tue, 29 Jun 2021 16:50:01 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 16:53:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.30-0+deb8u1
Set-Cookie
_nf60=1; expires=Wed, 30-Jun-2021 16:53:40 GMT; Max-Age=86400
Location
/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
npush.js
js.wpushsdk.com/npc/sdk/wpu/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Requested by
Host: pw.wpu.sh
URL: https://pw.wpu.sh/script/main.js?promo=22321&tcid=411&src=1926257466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
f21c560bc5514cd0c56be54201f178bf771fe9423e569e7da477727d9e165263

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Jun 2021 17:53:40 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
411.php
vasgenerete.site/npc/anpc/ 		4 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vasgenerete.site/npc/anpc/411.php
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
Tue, 29 Jun 2021 17:53:40 GMT
cache-control
max-age=3600
content-length
4
x-proxy-cache
HIT
csub.js
js.wpushsdk.com/npc/sdk/wpu/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
9b071145e8b79dd2326a2ef3298fa5b76167b9cc875a9e5ee48e129b87d2b390

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Jun 2021 17:53:40 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
jquery-1.5.1.min.js
adsbb.dfiles.eu/static/js/ Frame F9C6 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
85260
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery-1.5.1.min.js
adsbb.dfiles.eu/static/js/ Frame FA55 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
https://adsbb.dfiles.eu/upload/2007/ad252327187929ca.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
85260
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery-1.5.1.min.js
adsbb.dfiles.eu/static/js/ Frame 1C00 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
85260
Expires
Thu, 01 Jan 1970 00:00:01 GMT
dfiles.ru.830082.js
jsc.adskeeper.co.uk/d/f/ Frame B9C8 		277 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b31c79c41f60544f1c51eb3e0e643c8a846554c2c9152126922e960f1360879

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
HIT
age
1241
cf-polished
origSize=283772
last-modified
Thu, 24 Jun 2021 10:17:46 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
KBR0SSZFBJK9Z284
x-amz-id-2
yWHXCG41KHvptrnXwTMSXT5aF8CQmFryxcAaatsy/DXjmg3nY3IWQ/VoldUBgidKxH2+YR1zlLs=
cf-bgj
minify
server
cloudflare
etag
W/"6c6fd712eb28e15bee058fae915ad3e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-request-id
0afa49e7e90000cdbb78361000000001
cf-ray
6670ac1fdf3dcdbb-CDG
expires
Tue, 29 Jun 2021 20:53:40 GMT
jquery-1.5.1.min.js
adsbb.dfiles.eu/static/js/ Frame B9C8 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
85260
Expires
Thu, 01 Jan 1970 00:00:01 GMT
depositfiles.com.7998.js
jsc.mgid.com/d/e/ Frame 3F91 		274 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5e634cc6757b8d6390d95c7ba15f399d8cac326d2c6c53e89564f6aabcaee8

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
HIT
age
6065
cf-polished
origSize=280265
last-modified
Thu, 24 Jun 2021 10:00:19 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
P7P2306HRRGN40J6
x-amz-id-2
kz8f2SliF/AgXAZ2lLXzOQmi/Xhhy0pa3EKbklcASKRUO2X30LJ8/U7WOOTlyLdbBtH2m9l0XF0=
cf-bgj
minify
server
cloudflare
etag
W/"7a3e8890b8d2d5b39bd7b8ce081360b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
0afa49e90b00000820391bc000000001
cf-ray
6670ac2198390820-CDG
expires
Tue, 29 Jun 2021 19:53:40 GMT
view.gif
adsbb.dfiles.eu/ Frame F9C6 		43 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2498&u=60db4f39201728198387506377549
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept
*/*
Referer
https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
t.js
adpatrof.com/ Frame 1C00 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
1e45e1fa4e7466db5968a5d17b842403b17942a14d9e34d136ca506002513dec

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
HhrnYecWJCgpDahohWE76onL8RipF02h8FTz9AXaC5nfMjhGu_hW-w==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
view.gif
adsbb.dfiles.eu/ Frame 1C00 		43 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/view.gif?c=2946&z=58&b=2740&u=60db4f39a1fe35122040695905103
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept
*/*
Referer
https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
view.gif
adsbb.dfiles.eu/ Frame B9C8 		43 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsbb.dfiles.eu/view.gif?c=2942&z=60&b=2736&u=60db4f392be7f9644532296072392
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.242.236.53 , Luxembourg, ASN5577 (ROOT, LU),
Reverse DNS
ip-static-94-242-236-53.server.lu
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept
*/*
Referer
https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:40 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, private, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ Frame B9C8 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 15:49:47 GMT
server
ESF
date
Tue, 29 Jun 2021 16:53:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 16:53:40 GMT
/
c.adskeeper.co.uk/pv/ Frame B9C8 		0
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&cbuster=162498562069162940176&uniqId=05e9d&childs=830084&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&pageView=1&pvid=17a58b0d0d4b36fa7c7&site=544656&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac219bbacdbb-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e9030000cdbb95331000000001
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame B9C8 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
HIT
age
1691
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
TDFPK96NXRT58XZ2
x-amz-id-2
wTo3X/MdxfmF73uhKCe6wR8X+ODEzfsnVtAfm+WhdxF2jei+cvIsb6mLldSiP66koaRPX+KiyDw=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0afa49e9030000cdbbbf94c000000001
cf-ray
6670ac219bbdcdbb-CDG
expires
Tue, 29 Jun 2021 20:53:40 GMT
truncated
/ Frame B9C8 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b22b5a44b3373ac1ed29b2e86f926daa8044dda24dcaf7e274d67c1e89aec41

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9C8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adsbb.dfiles.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options
nosniff
age
583310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:51:50 GMT
1
servicer.adskeeper.co.uk/830082/ Frame B9C8 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.co.uk/830082/1?pv=5&cbuster=1624985620751119199017&uniqId=05e9d&childs=830084&niet=4g&nisd=false&w=728&h=489&cols=4&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&pageView=1&pvid=17a58b0d0d4b36fa7c7&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b472268bdc5107d267c9d909f674410383a4d1f4eb3409a1571fc00b5c8bdcf6

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac21cc03cdbb-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e91a0000cdbb7a3be000000001
Tag.engine
engine.4dsply.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.4dsply.com/Tag.engine?time=-120&id=f6c43cb5-024f-4158-a34e-034f3e05bbb0&rand=2331&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&kw=
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5bf9eb050f1a8cf27c17de176c7ec47a7584a1da7b18e471b2645fed75ccd6a1

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6670ac222e7a1f31-FRA
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-adscore-status
null
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
private, no-transform
content-type
application/json; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e95b00001f3171954000000001
usersync
adpatrof.com/ Frame 831C 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb0&cb=8184011624985620819
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
eb6d45b0177744fe6831b6acfbba4bc6c65e7906a35a29bde1c16d58a5520f2e

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/usersync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb0&cb=8184011624985620819
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsbb.dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsbb.dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
bFMpYbQxUuqPzuidbUZmy1HYkJ311_tNeuwbbuGUVT-k6AW0aBelvg==
sync
adpatrof.com/ Frame 251A 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560019&cb=5642191624985620822
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560019&cb=5642191624985620822
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
a9YxhbOc42nLrWMV7pqe2HKrg6s9IhwDnsZagxRM-ugs6saBjcwM-w==
counter
adpatrof.com/ Frame 5C81 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=4733131624985620828
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/counter?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=4733131624985620828
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:41 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
5Lex_wAhpYlUiYNcjUVH2Qix5jEEiJZzWVNCesvDEIpswlanB9kQyg==
user
adpatrof.com/ Frame 07AC 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0594051624985620831
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/user?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0594051624985620831
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
rbZfZ_smmVPIM0SHy9br7BIyd_1TFZYP61Comi1XSSiyoGy3Pj_wNw==
syncro
adpatrof.com/ Frame C86A 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec39&cb=0831961624985620838
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/syncro?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec39&cb=0831961624985620838
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Maa5BscmTWC8-A9VLcmVQaQWKr3FNpYYjKIfE63rdrLiM0zzlV3aNQ==
usersync
adpatrof.com/ Frame 516B 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=8164331624985620846
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=8164331624985620846
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ov-_5EbJp4sxmJn6551qkudNNk2woPKDZc3APP87N0v_S2htOf-EBw==
count
adpatrof.com/ Frame E6E8 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0b1bee87d6dcefc534bd612d150fe9d9c2edcc8b93b93904ceba8f670286a8ca

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
content-length
1663
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
CLCJL9xVF5lC1P9kTde965pRtzbzWAhxpDZjwrIMlKpG4LBNGlfwkw==
stat
adpatrof.com/ Frame 64CA 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b131&cb=2580511624985620849
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b131&cb=2580511624985620849
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
aRBnWHI8V02iyVPsW_dt6K-EYNzhu7xMFW_1AhP0snhGj8PpSZtyZQ==
send
adpatrof.com/ Frame 41C5 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=3556161624985620850
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/send?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=3556161624985620850
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
eh2tjqN_YsMx0LbkwiGZPMVvfJ2KLVqABnSVMV_t_pj2_YY05reiGQ==
stat
adpatrof.com/ Frame 19A0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a5&cb=9189031624985620852
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
65f3773dccbaa109200b9b555a5d00258e972afdefd913943748a096500bdb32

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/stat?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a5&cb=9189031624985620852
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
content-length
1874
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
b4CslXQ9VV6hVflWQLJ5R9AfCxeXsT55Mia7uUN4IzYtYUS0PH-4Pg==
usersync
adpatrof.com/ Frame A2E5 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc879&cb=4878661624985620854
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/usersync?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc879&cb=4878661624985620854
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
AGU3VKMd2ZoB3LZsguQ6Fh7GwsEixqLS_xOJo0jCVLI2J34QKZZBFQ==
count
adpatrof.com/ Frame DE6B 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515689&cb=8897671624985620856
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/count?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515689&cb=8897671624985620856
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-OhZXpwMugMzje6a5A5xmaFaMA-lrlMoTBnsaVC9atjiPM2vg_DttQ==
async_usersync
adpatrof.com/ Frame E14D 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5289&cb=6150781624985620857
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5289&cb=6150781624985620857
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ycLOZbEIPhIm_XcW824wOl_ZNDu4X2wa8-isS0TowgTvzBpotVVWeg==
stats
adpatrof.com/ Frame 3DEE 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adpatrof.com/stats?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=2611351624985620858
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=2184971624985620657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08

Request headers

:method
GET
:authority
adpatrof.com
:scheme
https
:path
/stats?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=2611351624985620858
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dfiles.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=19f6722a3ea779d433d0991d9f0bc78054fc644c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dfiles.eu/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Jun 2021 16:53:40 GMT
x-cache
Miss from cloudfront
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
6qoqnIbWthhKY6XcW9P4afpS9HANWnBW_f85jiVipsU66r1WTqzJKA==
/
c.mgid.com/pv/ Frame F9C6 		0
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1624985620896390061389&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&pageView=1&pvid=17a58b0d0d4b36fa7c7&site=437&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac22ab690820-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e9ad000008208faf9000000001
truncated
/ Frame F9C6 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
i.js
cm.adskeeper.co.uk/ Frame B9C8 		113 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1624985620906206328388
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c026002a15453f3e991c22e0a375a7c307dbe4f13ecb96786a8ac09982520858

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
03cbcb53-2a4f-4d22-87d2-689b7870c1d2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac22bdedcdbb-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e9b80000cdbb70234000000001
server
cloudflare
i-noref.js
cm.adskeeper.co.uk/ Frame 2653 		19 B
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1624985620909912239047
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
a5f85b20-867c-45e8-a9e4-ec69d840ac4f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac22bdeacdbb-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e9b70000cdbbcaa44000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0xOS8xMDE5MjQvZjAzZmVjNjI3Y2Y1YTQ5Yjc3YTQ4ODQzZjAxODU5M2MuanBlZz90PTE1NTA1ODU2Njg0NDk.webp
s-img.adskeeper.co.uk/g/8193515/200x200/96x8x684x684/ Frame B9C8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8193515/200x200/96x8x684x684/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0xOS8xMDE5MjQvZjAzZmVjNjI3Y2Y1YTQ5Yjc3YTQ4ODQzZjAxODU5M2MuanBlZz90PTE1NTA1ODU2Njg0NDk.webp?v=1624985620-O3zaFbof02Fn2wBCZhlllmtsfyL9estwmIinJEVUFXE
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7330d95bcf7b78fed4aeaf43a7c6ab468788e00c989d719d53ff19efda44a0

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
x-mg-request-uuid
670327f7-8458-4c07-864b-7bd0ad5a68d0
age
5822833
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6142
cf-request-id
0afa49e9bb0000cdbb652fc000000001
last-modified
Wed, 10 Feb 2021 07:27:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdf9cdbb-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzUxOTFjMDY5ODk0ZGM2ZjM1N...
s-img.adskeeper.co.uk/g/8164852/200x200/-/ Frame B9C8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164852/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvMTAxOTI0LzUxOTFjMDY5ODk0ZGM2ZjM1NDdkMDg4M2YxYzJiYmQ4LmpwZw.webp?v=1624985620-EShxW5zHX5XjJgGcDrsR2mIYmtHh-tnvRPou4W5PXyk
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d276bdd28c615c894e6a62d3c7c842d464ef5d55219e45e4ca8531cb77e177d

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
75ceb22d-c500-46bc-a8c3-eb74af5f17e8
age
5830837
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7128
cf-request-id
0afa49e9bb0000cdbbae16a000000001
last-modified
Fri, 16 Apr 2021 15:14:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdfbcdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.adskeeper.co.uk/g/8193501/200x200/114x0x328x328/ Frame B9C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8193501/200x200/114x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1624985620-iuPhdm2HrPOLNouAGnOYotLzujYlBmBQpw1qGFseF4I
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6660c9fa71639a920540cd53ae67ad7d94202e7da0cd9e1774f6d5ee2c42ec2

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
fbc11f89-505a-4efb-a14a-a57f573cfe77
age
5826913
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4634
cf-request-id
0afa49e9bc0000cdbb9a970000000001
last-modified
Wed, 10 Feb 2021 07:17:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdfccdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.adskeeper.co.uk/g/8193504/200x200/247x0x420x420/ Frame B9C8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8193504/200x200/247x0x420x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1624985620-3Cv3Y5swxkZlE_W5g4XCsalfW1bFhRbH7aoyOOxB3mk
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533b81de8bb2348ac9e0bd96aa97492bee5a195c0159c5692f924b1ee1997b61

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
df1ff0f2-203d-445f-94af-aeef80a9a5f0
age
5829166
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6068
cf-request-id
0afa49e9bb0000cdbb91a51000000001
last-modified
Wed, 10 Feb 2021 07:16:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdf8cdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.adskeeper.co.uk/g/8164849/200x200/0x0x607x607/ Frame B9C8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164849/200x200/0x0x607x607/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1624985620-tYlCv5-hN-5W_UAvbJ_A-r51_c20RCfN4ddrqjBzGiQ
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4aaa48650cc4db095a6484c1d6331864bb6d2abc2e417c155aefca4f405a3d1

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
53f309fe-aed9-4388-b3c3-710a4d9c1a6f
age
1020273
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3550
cf-request-id
0afa49e9bc0000cdbb7f819000000001
last-modified
Tue, 11 May 2021 11:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdfdcdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2NlODk2ZGFlNDQ1YzQ3YjYzNzIzNjg3YzIwMjYwYWM5LmpwZw.webp
s-img.adskeeper.co.uk/g/8164842/200x200/0x71x563x563/ Frame B9C8 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164842/200x200/0x71x563x563/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2NlODk2ZGFlNDQ1YzQ3YjYzNzIzNjg3YzIwMjYwYWM5LmpwZw.webp?v=1624985620-dXoB_XUHqrfbD0e3CfT5dmI7ZaTtLqfl4dBYCguXgjo
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6422cbb3df36c676ae690b13db678369337efb5792d7633d83d5dae5fb03ba2

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
0c5ac406-8490-46d2-875d-b8f9ef5d8480
age
5827080
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5630
cf-request-id
0afa49e9bd0000cdbb84836000000001
last-modified
Mon, 08 Feb 2021 10:21:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22cdffcdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.co.uk/g/8164865/200x200/142x0x600x600/ Frame B9C8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164865/200x200/142x0x600x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1624985620-NTSZU0RWABaJzpJUR2nh29uFBvpF2VZk9-Vd78P1Ni4
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3946e5d351efe1f651a463293376546a2e0cb9f39d7cbb0ccd10f345d1877d3b

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
a783caa2-0147-413e-880a-2dd2d3d1da63
age
5831825
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7818
cf-request-id
0afa49e9ca0000cdbbae16c000000001
last-modified
Mon, 08 Feb 2021 10:20:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22de26cdbb-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.adskeeper.co.uk/g/8164901/200x200/71x52x692x692/ Frame B9C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164901/200x200/71x52x692x692/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1624985620-VH5hUxS2elhyNNqXIe79BZKQ8IKheqA6A2216TeswkM
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4e4f7006cb081cd9d8c7cbd23e25622c054c3ec82031c3d02ca64a0244478a

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
b136ef7b-8847-4a2d-815e-6f97bd15536d
age
5831825
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5314
cf-request-id
0afa49e9ca0000cdbbd9ad9000000001
last-modified
Mon, 08 Feb 2021 10:21:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac22de27cdbb-CDG
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ Frame B9C8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:40 GMT
content-encoding
br
cf-cache-status
HIT
age
2288
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
DXBBERYX6ZZN006T
x-amz-id-2
szIviYYhk/CBrDIabAediiv+PRUAK8AhiMVgUMOccoPTGQ5Cbvm1UwD1B0EpiOSRAW+Xr2BJ/gc=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0afa49e9f0000008af9b804000000001
cf-ray
6670ac23187b08af-CDG
expires
Tue, 29 Jun 2021 20:53:40 GMT
mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ Frame F9C6 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/1612/ad24982685d6c5ba.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adsbb.dfiles.eu
Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:56:56 GMT
x-content-type-options
nosniff
age
597404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19684
x-xss-protection
0
last-modified
Wed, 14 Jan 2015 22:48:53 GMT
server
sffe
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 18:56:56 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 831C 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb0&cb=8184011624985620819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2611
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NQF1L%2BoEFxX9KcEGw0Pn9HZzq4jLwgcYtZ6zExs59nNJe%2BjtZDQtjTqgG7NQ0skIAKAlWvWb9rzfu5XMYARwRY9WuRyUlJU6pNgssaiD2%2F8s8vXq7PyhGMgen6hqWwwM1HCyDTow"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49e9f3000016f2c49f5000000001
cf-ray
6670ac231aa616f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 251A 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560019&cb=5642191624985620822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2611
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a%2FndyWCAlSOKyvezcURk7dgawKhAUynsO3hqx97gv2kBoiVcjvlJbZUgM4SD%2F%2FQZH3R2spDnSCGcrb9jgkvnRxQobTCuArw9qjvjIg0%2F9czSNKu%2BkDxbg3gWT1egIoDDcjz7zq0s"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49e9f3000016f2522ed000000001
cf-ray
6670ac231aa916f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame C86A 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec39&cb=0831961624985620838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2611
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qTXBlw5AZhoKXdnhdJtS7XssFOb4zE6lfw2jJ35vithh3M7HOh1y4%2F0Ih%2Bo7e35FfjX9t9YPpKfVkhtSmrdTPKyqvEsFjYMzP3M5Fb76TpZGumaSFAONjrqRQQL%2BhG94KHIZmhf4"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49e9f7000016f2d49b4000000001
cf-ray
6670ac231aad16f2-FRA
1
servicer.mgid.com/7998/ Frame F9C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/7998/1?pv=5&cbuster=1624985620960761761007&niet=4g&nisd=false&w=240&h=681&cols=1&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&pageView=1&pvid=17a58b0d0d4b36fa7c7&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831f9c6ee66c185172cdf0e2473aa30385aebf09f1fadcbefc0b80cf8feaf558

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac232ceb0820-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49e9fc000008207593d000000001
pxl.jpg
adpatrof.com/ Frame 1C00 		597 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adpatrof.com/pxl.jpg?i=luc8kp3c2wcmn47n3xzj&s=782&p=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm&rstk=https%3A%2F%2Fdfiles.eu%2Ffiles%2F58oyyhubm%24https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F2006%2Fad274029466c5257.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&h=2576991624985620962
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-65.fra2.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-length
597
x-amz-cf-id
_5f7se6J_WmptSArIRl5vDCLN1cmZ5amvKG0B03fcX9xe2AwHKa87g==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
/
ads.projectagoraservices.com/ Frame E6E8 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::215:f2cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b8254e1f77a5850e147ce538643c8460a950a677ba2e2973f6562a22cd022050

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3694
expires
Tue, 29 Jun 2021 16:53:41 GMT
widget-ssp-performance
c.mgid.com/ Frame 3F91 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=81
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6670ac236ab2eda7-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49ea250000eda7560a2000000001
prebid_v4_21.js
hb.adpone.com/ Frame 516B 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=8164331624985620846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ggbFnHrQrcXSAOiyc80xDpD1PZlobkdH0J1sdhZyQaxwwQmu%2BIIWGLBIvzO0366iXcuGsNNF%2FCuVNoRw%2BSbTWgPqTDPTNV0fuaD%2FqKDr91GckOTS%2B%2FqGxMjPoGT%2BBPSwWN53BWKQ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea19000016f2d49b5000000001
cf-ray
6670ac233adf16f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 64CA 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b131&cb=2580511624985620849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VBBC7uGEAjuO0KZkDSCaR1jUiTxNdUJUS%2FM63pam03%2FU5VOrScdmGAxLrvPaQyoD0Nlh9QtJUpL0JYSe7iciKHIT2qMKI%2BVd9jd236O51JYHFVHArg4eWGHLEEFgGsiWSzHouvKk"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea11000016f2a1903000000001
cf-ray
6670ac234b1316f2-FRA
async.js
cdn.adtrue.com/rtb/ Frame 19A0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a5&cb=9189031624985620852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
8538735
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6670ac239db20609-FRA
cf-request-id
0afa49ea480000060909ad3000000001
expires
Thu, 17 Mar 2022 21:01:26 GMT
prebid_v4_21.js
hb.adpone.com/ Frame A2E5 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc879&cb=4878661624985620854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8uMqqHV7q62l3fnEBXdwZWRcfFTO0QTJAgVcFlNewBqvR6x7r1w%2BxoQnXxA37QilGX5MZDnAnpZKgZNryPf9D5CLxAwRZ2FesCA1S3rrUvoWrzA1kNhMm1YH5%2By7zWXfqWEoiMNR"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea17000016f2bca0c000000001
cf-ray
6670ac235b3016f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame DE6B 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515689&cb=8897671624985620856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PU8vZajkCRCf6scQLCnfmsHXBnhtmzoqHTKtOu4J8KORO8HhOJ%2BCFPt%2BEb6Uxsi%2BgFI52vXDlCg%2BulBJzdODXG%2BBbuqj0m2XbW5yEFeqFjraTjZpOs7LnoZ55P63GZTx%2B9gshcXV"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea18000016f29788a000000001
cf-ray
6670ac235b3216f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 41C5 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=3556161624985620850
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3FjqVgzWA6An0gwHsaOo6fMV8qCcH71x8E16Rmpqwt06O9cSS9%2B61WyfWGa6x7k9PsoUcHrGQ9e%2F%2BA3S48qRnZg2a4ivcs7GE6c%2BtNn97knbDE41Ixsu3yeQV19SoIOly%2BoTQEuz"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea20000016f2522ef000000001
cf-ray
6670ac236b5816f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 3DEE 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/stats?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=2611351624985620858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r1AkTtfpMBkWEaBCqcbSWh2z%2FEC9IaplLVdonnRPrOyqxgZL%2BokBSkRMvQWeLuJZsq8jmun4xAVgy8vRBqJNx3K1IryeOUY5ss%2BxbDAjh27KKFSI9WS73VycjeA10Z23ce3jK12b"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea48000016f281ba1000000001
cf-ray
6670ac23abe216f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame E14D 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5289&cb=6150781624985620857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oizU%2BRuryqUMg0OxAnw%2BRQybExM2C09N%2FMSDymwAHkasbfsF5tb5wT95QP%2F%2BUcTKgZtR8sBXUPpNhjINEw0N5qhfnnpKWOeIxtHmy6PrAhERxC4hzSwzE1fiGqv6j%2FayU38xKupx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea53000016f24ba5f000000001
cf-ray
6670ac23abf516f2-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 07AC 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0594051624985620831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OdivHg1KLby39qu64OxH2dr6b2DaiHddIXmgJMap232BIZ%2FfqTdW%2Bh8xLgmTmJhnSngqihLyrucpNqyegpypcebmcI5lm0ubeANI2NLriB3mLWQawbqhIm8WHuIwO3ig5%2BE1OKVd"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49ea52000016f2e810a000000001
cf-ray
6670ac23bc0f16f2-FRA
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame E6E8 		360 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2613
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7STB6VJT6WDA3MWJ
x-amz-id-2
/ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified
Wed, 05 May 2021 10:36:16 GMT
server
cloudflare
etag
W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WcLhCg%2BqW8oky5O1OHvCG4BIDT8HVwdx%2FKJB1rzmuq1A%2FeMFRBkj1%2B4%2BLig27b3IOpHK%2F9EnqYDsUS4QhybSz57bQu1cIcWUwYNmX2Zcgi0rMk4lZBh6mo9k5EVh%2BghoxbBFT9sX46OF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0afa49ea6c00002c1900bc2000000001
cf-ray
6670ac23dc7b2c19-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
2551327144316067773
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 29 Jun 2021 16:53:41 GMT
/
cm.steepto.com/setmuidn/ Frame B9C8 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.steepto.com/setmuidn/?muidf=l5tEFPMGVaR9
Requested by
Host: adsbb.dfiles.eu
URL: https://adsbb.dfiles.eu/upload/2005/ad27362942ab8f36.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6670ac24eacc32bf-CDG
content-length
0
cf-request-id
0afa49eb11000032bf3781e000000001
i.js
cm.steepto.com/ Frame F9C6 		130 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i.js?&cbuster=1624985621203362263235
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
2cb191a2-b3d1-4292-b5db-f963bf8f2e9d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6670ac24eacd32bf-CDG
cf-request-id
0afa49eb11000032bf229f0000000001
server
cloudflare
i-noref.js
cm.steepto.com/ Frame 3289 		19 B
137 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1624985621207409241673
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
MISS
x-mg-request-uuid
a9a1942a-9262-4d86-a5ea-ea5e011f096c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
6670ac24ead032bf-CDG
content-length
19
cf-request-id
0afa49eb15000032bf90a99000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/ Frame F9C6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:32:07 GMT
via
1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
7KkT3OqQ3GQclI7HiL5F06fB31xQTBQmDzprUuIdjBYPBZGFGWpXNA==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.steepto.com/g/8193501/492x328/16x0x492x328/ Frame F9C6 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1624985621-YIf3CObV3WKnKTPDMvwFJl7qwsJjnQlLdW2RDFjFhFA
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid
13c7a403-f1a9-4b8f-a11f-9136f2d16b0f
age
5831872
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251ca50863-CDG
content-length
10278
cf-request-id
0afa49eb2f0000086390a2d000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp
s-img.steepto.com/g/8164914/492x328/0x267x552x368/ Frame F9C6 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164914/492x328/0x267x552x368/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp?v=1624985621-G-qkzBi6A8U7tVIfo-Gan9b6RsroBa9L8F0-yy537ec
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7925cc7b40a9ac25b0c24578d98ad8548e5bf82cb7da9e91b1dbe59a53d0fa

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
x-mg-request-uuid
f08afc42-67a6-40a0-b959-0c00460f4ddb
age
5831922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251ca90863-CDG
content-length
10752
cf-request-id
0afa49eb2b00000863630b9000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.steepto.com/g/8164889/492x328/0x124x565x376/ Frame F9C6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1624985621-9xG_90zeBfaX4CGqujzHDbsaGlqbisX5fY2g7ko1f-Q
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db84011ba1ac25770ed500dadf860e1d7165f0a398a565acd32ca8bc174db7b6

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:43:54 GMT
x-mg-request-uuid
d786595a-3d22-4536-8011-c035dac1f395
age
1837463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251caa0863-CDG
content-length
18240
cf-request-id
0afa49eb2c000008637885c000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.steepto.com/g/8193501/492x328/16x0x492x328/ Frame 3F91 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1624985621-YIf3CObV3WKnKTPDMvwFJl7qwsJjnQlLdW2RDFjFhFA
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid
13c7a403-f1a9-4b8f-a11f-9136f2d16b0f
age
5831872
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251cac0863-CDG
content-length
10278
cf-request-id
0afa49eb2c00000863530c6000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp
s-img.steepto.com/g/8164914/492x328/0x267x552x368/ Frame 3F91 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164914/492x328/0x267x552x368/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp?v=1624985621-G-qkzBi6A8U7tVIfo-Gan9b6RsroBa9L8F0-yy537ec
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7925cc7b40a9ac25b0c24578d98ad8548e5bf82cb7da9e91b1dbe59a53d0fa

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
x-mg-request-uuid
f08afc42-67a6-40a0-b959-0c00460f4ddb
age
5831922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251caf0863-CDG
content-length
10752
cf-request-id
0afa49eb2c00000863a9367000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.steepto.com/g/8164889/492x328/0x124x565x376/ Frame 3F91 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1624985621-9xG_90zeBfaX4CGqujzHDbsaGlqbisX5fY2g7ko1f-Q
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db84011ba1ac25770ed500dadf860e1d7165f0a398a565acd32ca8bc174db7b6

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:43:54 GMT
x-mg-request-uuid
d786595a-3d22-4536-8011-c035dac1f395
age
1837463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6670ac251cb00863-CDG
content-length
18240
cf-request-id
0afa49eb2c00000863bc888000000001
server
cloudflare
widget-ssp-performance
c.mgid.com/ Frame 3F91 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=111
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6670ac24ad95eda7-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49eaea0000eda73919a000000001
impress
exchange.adtrue.com/delivery/ Frame EAA6 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=2349454042&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1a38e98e4bc21cbd747256e06f501a1049d69c481d5a1f852b49111e0801ec37

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
server
nginx
x-adtrue-instance
java1
content-length
3329
content-type
application/javascript
prebid_v4_21.js
hb.adpone.com/ Frame 5C81 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=4733131624985620828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2612
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g%2FdsYbvYU5jHgdnahe4Tj31gqTmrIfMfyDY0XBg6torunGp5aoTaGmdVEU38HQ82XiOWICWitEDIlsbhyRwYQ2Qtlsrz6CS3o%2BX5SxQN4lQLQc8OZnCFLKSpWYqr0ns9ABdsaw1A"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
0afa49eb97000016f28f010000000001
cf-ray
6670ac25bfb716f2-FRA
arj
projectagora-d.openx.net/w/1.0/ Frame E6E8 		172 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdfiles.eu%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.2&dddid=7976f48d-f71e-46f9-87f5-9fae68b9256b&nocache=1624985621424&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C100489%2C1%2C%2C%2C&aus=728x90&divIds=19604584_dfiles.eu_ros_728x90&auid=541155472
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
7e17b15a487f1e430fefab39f82984f6af6a165992aec73d2ef8d1a40d1e618f

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://adpatrof.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame E6E8 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://adpatrof.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame E6E8 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adpatrof.com
date
Tue, 29 Jun 2021 16:53:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame E6E8 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:41 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7072b894-c215-49fa-bbc7-c602420ac991
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://adpatrof.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
b.js
cdn.engine.4dsply.com/Scripts/MediaScripts/ 		172 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/MediaScripts/b.js?v=4
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe

Request headers

Referer
https://dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
44
x-powered-by
ASP.NET
p3p
CP="CAO PSA OUR IND"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49ebe600004ed90f363000000001
last-modified
Tue, 29 Jun 2021 16:44:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=877
cf-ray
6670ac2639294ed9-FRA
expires
Tue, 29 Jun 2021 16:56:51 GMT
b2
sb.scorecardresearch.com/ Frame F9C6
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73b...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&c9=https%3A%2F%2Fdfiles.eu%2F
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
via
1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
5v7wKF7wYjgH61LLeZLLdwenNib0DWKytrnjyaeHB5owpcAg548R8w==

Redirect headers

date
Tue, 29 Jun 2021 16:53:41 GMT
via
1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1624985621457&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1612%2Fad24982685d6c5ba.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&c9=https%3A%2F%2Fdfiles.eu%2F
content-length
279
x-amz-cf-id
1xIks5V4a43HD6UNSy6wmSHux2-L4Q9vtQPY7I-svJJPDXzC2_-a2A==
m
cm.mgid.com/ Frame F9C6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=8f6a5247-60fe-4bf4-8585-233473e657f5&ttl=1627577621
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=8f6a5247-60fe-4bf4-8585-233473e657f5&ttl=1627577621
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
787e5a1b-8c8c-455d-8555-06d75766434d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac27aa6c0820-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49ecc60000082031b28000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=8f6a5247-60fe-4bf4-8585-233473e657f5&ttl=1627577621
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 40F1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2617
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
E85D4AR405YRYNHW
x-amz-id-2
XHxZwyqhQPYPTHQYS8FhgHhRbcasTknsFRBhZEodwoErOtzaHM4gOTnJ4hh9Chv+q6QyX2gt6ns=
last-modified
Tue, 27 Oct 2020 14:01:47 GMT
server
cloudflare
etag
W/"388809d00c3186d72408292dde1dfc83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2Yid172W%2FwQUtroSHR4pPHtc0peuZlRWb%2BAbHaAl1Sz0PD7YN9MUHUH%2BeTPzgmFYPFGOHvpHRNfJT0CGnxnHBOxkcymip7evfJAWDUbcYw7YxIJ6H%2B1kseZeLqv2TxoG9EgygENcKFOieBZ%2BaTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0afa49ec6800002b1ab42c9000000001
cf-ray
6670ac270d2b2b1a-FRA
/
projectagora-483829-hdb.adomik.com/ Frame E6E8 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMDY1OTcxZmItZWExMi00MTZhLWI0ZTYtNGFjZjNlZjdiY2YyIiwiaG9zdG5hbWUiOiJhZHBhdHJvZi5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=065971fb-ea12-416a-b4e6-4acf3ef7bcf2&part=0&on=0
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.209.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-209-142.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 29 Jun 2021 16:53:41 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/ Frame 40F1 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2212018d290581f6fe77040b95c57cae02496acd8d74cc3dfa499aec4224057

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d4_6iKfvSKXFEjYSmE9gq92_MmDmPpZZ
content-encoding
gzip
etag
"1a3ff456442e32fc6fcf8873439a249d"
age
26599
x-cache
HIT
content-length
19625
x-amz-id-2
XeV6m0tOw04bDjCWWqVa9w3eSlJomh1qX+AYjN+2CMzDAqr6bjuGPlZlzfnEZPjBH4gRhCysnU8=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 29 Jun 2021 09:29:55 GMT
server
AmazonS3
x-timer
S1624985622.950288,VS0,VE0
date
Tue, 29 Jun 2021 16:53:41 GMT
vary
Accept-Encoding
x-amz-request-id
CAW807F9J3AX571C
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
68
x-cache-hits
3
prebid.js
cdn.adtrue.com/pb/ Frame EAA6 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=2349454042&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
8538725
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6670ac287a430609-FRA
cf-request-id
0afa49ed4d000006091a812000000001
expires
Thu, 17 Mar 2022 21:01:36 GMT
ga.js
cdn-adtrue.com/track/ Frame EAA6 		751 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=2349454042&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7736430
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49ed6e00004ddc05a88000000001
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XqaKpQpsoRjBk1pKO4WTxgn2QV7EHYohWjOjhp8oGkoBLJ8oQ3pia1ztO4pIHOnKjEx1TPO7XRdAQ4n8mjAqL29L5FsdMxy0Yjoi52ZkUjF2lZoy%2FavsP0qLvt25OzJ9BLQgWwr%2Fxc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6670ac28ae244ddc-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EAA6 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:41 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b1a7cde1-a28f-4a92-916b-fd603f7e2812
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://adpatrof.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 0DE1 		753 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: dfiles.eu
URL: https://dfiles.eu/files/58oyyhubm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
8538403
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6670ac290bb20609-FRA
cf-request-id
0afa49eda300000609eba99000000001
expires
Thu, 17 Mar 2022 21:06:57 GMT
passback
exchange.adtrue.com/tag/ Frame 0DE1 		251 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19139&divid=920930918&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
81c6252fcdefa91de8fe4774beb814434f984e06563ffe512fc9ee24b75c4afc

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:42 GMT
server
nginx
content-length
251
content-type
application/javascript
impl.20210629-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 40F1 		525 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5130cf337b804444df10bfb1478cb194277f88d95e23538b96f8e4c4e3d0c402

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ee3jOaiNpukPDfZpenD6YPvJX.2kM5qQ
content-encoding
br
etag
"6ce75cb23d4e49ef37d85a39c95a7203"
age
27364
x-cache
HIT
content-length
120012
x-amz-id-2
WGbqEQK9FRIwOn4etDsjov/3qALvi2LLqHR1+AjTiWVmE5IfrRKIwa2yGOvsgJo0O1IQWh4hV4g=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 29 Jun 2021 09:14:22 GMT
server
AmazonS3-br
x-timer
S1624985622.003710,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
45TPEH6SRQJ6H3S8
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
2
x-cache-hits
252070
world-health-day.gif
cdn-adtrue.com/statics/images/psa/ Frame 0DE1 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adtrue.com/statics/images/psa/world-health-day.gif
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a5&cb=9189031624985620852
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:42 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7044607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26616
cf-request-id
0afa49ee9900003240191f7000000001
last-modified
Thu, 25 Jun 2020 02:50:22 GMT
server
cloudflare
etag
"5ef410ee-67f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fr7t5zpMeQyFll2Xd%2Bnhn1K0HNGInCmv%2BGnPAORJthVi2HNprrhErBQWb6cFJVE%2BzsYIHbUZkZ5CsbBNRMa2cPbl5TVUbOy2Ow9g7q7xIhBPEmtnAOEgMg217uai%2FCMY1WBuX1zQnoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
6670ac2a8f3d3240-FRA
expires
Mon, 04 Apr 2022 04:03:35 GMT
c
c.adskeeper.co.uk/ Frame B9C8 		43 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=175|241|24|t2bEYw0fxMvzIj-C0YOGz3l9U37eMe__mkQeim3tIcswtn9E3Cs2CfR1_WfeWGDF&fw=1&extjs=66044&v=175|241|8|t2bEYw0fxMvzIj-C0YOGz6p_oFl2j9gMl0IcBep01mXW79bOuKoyQie4feYu2EtQ&v=175|241|8|t2bEYw0fxMvzIj-C0YOGz-Xnmm5Q9Lv3jZG57x1OP0pcv8WqmVcJzjSWSPQT_H4W&v=175|241|8|t2bEYw0fxMvzIj-C0YOGz8u-wr3N0OJa-ePEtiJm6E9foRrfgEiUtFPqCRQ2E8z4&v=175|241|40|t2bEYw0fxMvzIj-C0YOGzzIdRfsank2YI8Lh79Nzy859PzDHESm0dJfzZNLcTG_7&v=175|241|24|t2bEYw0fxMvzIj-C0YOGzwQ9fZIFg9REfvObwWDHT1zs3gzhfTGedG8cibItD-Xk&v=175|241|8|t2bEYw0fxMvzIj-C0YOGz-UjhAmL1ifEPjOJdKd_YtDHiUy25tNzxH8hHQZvL5QQ&v=175|241|40|t2bEYw0fxMvzIj-C0YOGzwKBhElVdywQUVhzYBl-d8mIZe4QNaMLn2X9ABm0sXDN&cid=830082&h2=osGc9IG8QbaWdv591HpRpdW2SjE0X5j6GPzAbGLgUlM*&rid=8e6daeef-d8fa-11eb-8b6a-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17a58b0d0d4b36fa7c7&cbuster=16249856222077765039&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:42 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
d9e66331-faf3-4695-84b4-6153e2e65191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac2addb8cdbb-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49eec80000cdbbb2adc000000001
server
cloudflare
c
c.mgid.com/ Frame 3F91 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=235|255|12|GUqX7F0QzS5mT06d3DO71YEG-6ZtLNe5jwqOF_WCPlTEv5We1Xmj2-NXM-sccRl0&fw=1&extjs=66044&v=235|236|12|GUqX7F0QzS5mT06d3DO71ahgqIvBNLtV4dpAhntSrT6g7Fbm66qApnSoCTBi34iJ&v=235|255|12|GUqX7F0QzS5mT06d3DO71UFyPs_C3578XkLG032MgQlX7y6v1NjyDkLH9WVngqe9&cid=7998&h2=osGc9IG8QbaWdv591HpRpdW2SjE0X5j6GPzAbGLgUlM*&rid=8e900bdf-d8fa-11eb-b9ea-d094662f8ab5&tt=Direct&iv=10&pageImp=0&pvid=17a58b0d0d4b36fa7c7&cbuster=1624985622539797165868&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://adsbb.dfiles.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:42 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
258a44ab-66b7-4ff1-aa88-cfa8d8e29094
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6670ac2cea890820-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0afa49f01500000820430d6000000001
server
cloudflare
json
trc.taboola.com/dfiles728x90gr-r19604584/trc/3/ Frame 40F1 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dfiles728x90gr-r19604584/trc/3/json?tim=18%3A53%3A42.586&lti=deflated&data=%7B%22id%22%3A280%2C%22ii%22%3A%22%2Fcount%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1624958993196%2C%22vi%22%3A1624985622584%2C%22cv%22%3A%2220210629-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadpatrof.com%2Fcount%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39431%26cb%3D8274731624985620847%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39431%26cb%3D8274731624985620847%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2219604584%22%2C%22orig_uip%22%3A%2219604584%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7582c46bd365f94b19d2892049f5e244b13b6583c4dd944df66502183ecd6b98

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
97
date
Tue, 29 Jun 2021 16:53:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1624985623.608366,VS0,VE97
x-served-by
cache-fra19160-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://adpatrof.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 40F1 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
28565
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5628
x-amz-id-2
mvV6Obapu1AtkGvrEDNJEFXTiQ35Psp9hLvN+7O6Qau3nou0Qban8NkNzNinIOLGaaqDY53yXF4=
x-served-by
cache-hhn11546-HHN
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1624985623.725385,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
6F32NCW4Z347WKFJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
2
x-cache-hits
543894
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 40F1 		2 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
3215
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
mx4KoEdupSjNAt+jydlxWIo+jwcLoLfqsfsfzf9xlc2eaDNcUDaHkWHo8F8AVeN4ILOhs1UHeT4=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1624985623.725476,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
GZH52BA9ZE5HK19K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
2
x-cache-hits
37823
tfa-eid.20210629-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 40F1 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210629-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05339fe72a6ee8a70e014def913cd23b925101146714a834da8fc68509417f6e

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Y.rDddUspQcbyuTj27u6cIa8q.nihcBt
content-encoding
gzip
etag
"1e03102e8c55d5b652f3dcefb6a46a35"
age
26999
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4860
x-amz-id-2
Cht/MOI+W9OnBugjxxNDdEHAhBVijeDFMW2VVJNnlK3QpQQcILX78fH0Oxj0OFB7yMaXLcG40do=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 29 Jun 2021 09:23:39 GMT
server
AmazonS3
x-timer
S1624985623.726757,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
JZV9EJ2M1C11ZFBH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
2
x-cache-hits
457923
sha256.20210629-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 40F1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210629-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e083db3d0fc98d62fb9c33a1943ff2284cfc605f0a28fed3bd1bfe0fc2824ffb

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xcMmyfywsNjhJ8xoLk.e4sS3FhJMMe09
content-encoding
gzip
etag
"60e0adee755a6194abbcfd63d23415e7"
age
26988
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
srYBiSJNgiHfZU6v3D0aL8jTg8aWjcLIO7nIrDRqH7GXuEvbrOFkRnVzaqDUWzl0VOIuRSHKxms=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 29 Jun 2021 09:23:51 GMT
server
AmazonS3
x-timer
S1624985623.726692,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
SKTBYH0JSNP57T4D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
2
x-cache-hits
419872
userx.20210629-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 40F1 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210629-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec47cc99a40bef4cf32c3a92c8e26a52783128f391d358ede0335f7fe226a718

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vBiH5S2D9V1eOR.udXDh69E3uKRU6rBU
content-encoding
gzip
etag
"6e36a996f4e53b47cac4dba5a1beda58"
age
27005
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7954
x-amz-id-2
hhq6BzLsW6jDUZAbXCv7WaRm6SxX6C0BBA5f4geFFMUTYivNdAbAH8z/95dLMoDhQUsrCYNdwMM=
x-served-by
cache-hhn11546-HHN
last-modified
Tue, 29 Jun 2021 09:23:34 GMT
server
AmazonS3
x-timer
S1624985623.737280,VS0,VE0
date
Tue, 29 Jun 2021 16:53:42 GMT
vary
Accept-Encoding
x-amz-request-id
DXVKQVF00CPTC85N
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
2
x-cache-hits
143617
debug
trc-events.taboola.com/dfiles728x90gr-r19604584/log/2/ Frame 40F1 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/dfiles728x90gr-r19604584/log/2/debug?tim=18%3A53%3A42.713&type=warn&msg=Dynamic%20Translation%20load%20is%20enabled%20but%20response%20is%20missing%20the%20map.%20Using%20embedded%20solution&id=2454&cv=20210629-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
9373
event.png
tps20238.doubleverify.com/ Frame 40F1
Redirect Chain
  • https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25707541&sid=5791742&plc=306702350&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
  • https://cdn.doubleverify.com/redirect/?host=tps20238&param=akipv6&impid=fcbd44afa3ae4474bbf93a26090ed5e9
  • https://tps20238.doubleverify.com/event.png?impid=fcbd44afa3ae4474bbf93a26090ed5e9&akipv6=2a01:4f8:121:131a::2
67 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20238.doubleverify.com/event.png?impid=fcbd44afa3ae4474bbf93a26090ed5e9&akipv6=2a01:4f8:121:131a::2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.25 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=0
Content-Length
98
Expires
6/28/2021 4:53:42 PM

Redirect headers

Location
https://tps20238.doubleverify.com/event.png?impid=fcbd44afa3ae4474bbf93a26090ed5e9&akipv6=2a01:4f8:121:131a::2
Date
Tue, 29 Jun 2021 16:53:42 GMT
X-N
S
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
ad_impression.gif
beacon.krxd.net/ Frame 40F1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25707541&advertiserid=9639087&placementid=306702350&adid=499650738&creativeid=149860478&siteid=5791742
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.232.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1624985622
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
B25707541.306702350;dc_pre=CMuBvpanvfECFU4L4AodY8YBPw;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/ Frame 40F1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_pre=CMuBvpanvfECFU4L4AodY8YBPw;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_pre=CMuBvpanvfECFU4L4AodY8YBPw;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=adpatrof.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25707541.306702350;dc_pre=CMuBvpanvfECFU4L4AodY8YBPw;dc_trk_aid=499650738;dc_trk_cid=149860478;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=adpatrof.com
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postview.gif
portal.blau.de/nws/img/ Frame 40F1
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021062918534252147602417X117667V1225131106MStabnat_Pros_Desk_Generic_view
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210629185342521476024...
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021062918534252147602417X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:43 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Tue, 29 Jun 2021 16:53:43 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021062918534252147602417X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/ Frame 40F1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
930129ab69ba8919e9c71baf0c7df22b1b31c9fb26892aa9c34290fbc09bcca9

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
1043141
edge-cache-tag
486646194227031758821347711716915178133,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
83
expiration
expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
content-length
3352
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Mon, 31 May 2021 00:23:39 GMT
server
nginx
x-timer
S1624985623.752297,VS0,VE1
etag
"0d501c2abe25a287eb6b66bfce9c5639"
x-served-by
cache-wdc5531-WDC, cache-dca17746-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f66af69618762f46b76642df55c259e2.jpg
images.taboola.com/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40F1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f66af69618762f46b76642df55c259e2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb47ca87fdda1f54dbf73dba7f4cd66ea7ad2eea23205e2392e116c4447830cc

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
406065
edge-cache-tag
394828094857313849387424719278643332809,296169978374466056112096007933709725938,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
313
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f66af69618762f46b76642df55c259e2.jpg
content-length
1402
x-request-id
5ce8b07ffa776b62b7e8ace9d6f15a35
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 24 Jun 2021 17:46:35 GMT
server
nginx
x-timer
S1624985623.752257,VS0,VE1
etag
"872213d5e326edfebe2d41ea4d1ede6a"
x-served-by
cache-wdc5581-WDC, cache-dca17743-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1c2da96580d88f56c23d28ca68d819c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40F1 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
831fab83ee490530e6596a1700dd2aa9fbd745b410f4226f1a29aea7756f9aaf

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
1230815
edge-cache-tag
349204141988350014822346084807753263403,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
14
expiration
expiry-date="Sat, 03 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
content-length
4378
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Wed, 02 Jun 2021 10:56:00 GMT
server
nginx
x-timer
S1624985623.752243,VS0,VE0
etag
"7828199efb26f2b4aaf133baf1baccb7"
x-served-by
cache-wdc5570-WDC, cache-dca17772-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
f66af69618762f46b76642df55c259e2.jpg
images.taboola.com/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40F1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f66af69618762f46b76642df55c259e2.jpg
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb47ca87fdda1f54dbf73dba7f4cd66ea7ad2eea23205e2392e116c4447830cc

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
406065
edge-cache-tag
394828094857313849387424719278643332809,296169978374466056112096007933709725938,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
313
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_86,w_120,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f66af69618762f46b76642df55c259e2.jpg
content-length
1402
x-request-id
5ce8b07ffa776b62b7e8ace9d6f15a35
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 24 Jun 2021 17:46:35 GMT
server
nginx
x-timer
S1624985623.785226,VS0,VE0
etag
"872213d5e326edfebe2d41ea4d1ede6a"
x-served-by
cache-wdc5581-WDC, cache-dca17743-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
1c2da96580d88f56c23d28ca68d819c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40F1 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
831fab83ee490530e6596a1700dd2aa9fbd745b410f4226f1a29aea7756f9aaf

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
1230815
edge-cache-tag
349204141988350014822346084807753263403,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
14
expiration
expiry-date="Sat, 03 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
content-length
4378
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Wed, 02 Jun 2021 10:56:00 GMT
server
nginx
x-timer
S1624985623.785334,VS0,VE0
etag
"7828199efb26f2b4aaf133baf1baccb7"
x-served-by
cache-wdc5570-WDC, cache-dca17772-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/ Frame 40F1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
930129ab69ba8919e9c71baf0c7df22b1b31c9fb26892aa9c34290fbc09bcca9

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 29 Jun 2021 16:53:42 GMT
via
1.1 varnish, 1.1 varnish
age
1043141
edge-cache-tag
486646194227031758821347711716915178133,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
83
expiration
expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/7ca1e2d3-89c9-4559-ba81-95fe117c382a_9a606170bd7d89f7fc8b4c2ff9360663.jpeg
content-length
3352
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Mon, 31 May 2021 00:23:39 GMT
server
nginx
x-timer
S1624985623.800396,VS0,VE0
etag
"0d501c2abe25a287eb6b66bfce9c5639"
x-served-by
cache-wdc5531-WDC, cache-dca17746-DCA, cache-hhn11546-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
visible
trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame 40F1 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 29 Jun 2021 16:53:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1624985624.743813,VS0,VE10
x-served-by
cache-fra19160-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://adpatrof.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame 40F1 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 29 Jun 2021 16:53:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1624985624.743794,VS0,VE9
x-served-by
cache-fra19160-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://adpatrof.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 40F1 		254 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: adpatrof.com
URL: https://adpatrof.com/count?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39431&cb=8274731624985620847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
1037
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Olb+YyDQBKGh7cwueQ5LeIGsXnGNg1fxi90sFl9BDpDVxzFbv82yCyTcgo7/5nBaVt7MgHnSa+E=
x-served-by
cache-hhn11546-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1624985624.771312,VS0,VE0
date
Tue, 29 Jun 2021 16:53:43 GMT
x-amz-request-id
5QBDV5MFESKPZMG3
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
2
x-cache-hits
1191
ImgSync
image8.pubmatic.com/AdServer/ Frame E6E8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg2M0VEREUtNUE4OS00RDk0LUIzMzYtQzMwMUNDODFEMjhG&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg2M0VEREUtNUE4OS00RDk0LUIzMzYtQzMwMUNDODFEMjhG&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:44 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Tue, 29 Jun 2021 16:53:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:2193
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame E6E8
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF68mweAH6aPyS8ghl3SbjU&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF68mweAH6aPyS8ghl3SbjU&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF68mweAH6aPyS8ghl3SbjU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 263A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 263A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9SvRcqgotbGW&ev=1&orig=trc&pid=562107
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9SvRcqgotbGW&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Tue, 29 Jun 2021 16:53:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13744

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9SvRcqgotbGW&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-xqlmr
expires
-1
getuidnb
ib.adnxs.com/ Frame 263A 		43 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:44 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8cf89009-4460-4de3-a696-c5b01aca1851
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 263A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIhR31Ow9A_-1cAmQE9KQ10&google_cver=1
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIhR31Ow9A_-1cAmQE9KQ10&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 29 Jun 2021 16:53:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1624985625.834249,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19160-FRA

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIhR31Ow9A_-1cAmQE9KQ10&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 263A
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596:$UID
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Tue, 29 Jun 2021 16:53:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:351
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 263A
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598
tbl-x-upstream
10.41.22.84:10213
date
Tue, 29 Jun 2021 16:53:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
9399
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 263A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cbfef4aa-1f6f-4189-93a0-e147c490a734
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cbfef4aa-1f6f-4189-93a0-e147c490a734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 29 Jun 2021 16:53:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1624985625.833021,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19160-FRA

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cbfef4aa-1f6f-4189-93a0-e147c490a734
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 263A
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 263A 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-8474b759f8-592cc
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 263A 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 263A 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:44 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 263A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d2083a1a-a283-4f0f-8dae-174b607c3bf5
0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d2083a1a-a283-4f0f-8dae-174b607c3bf5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Tue, 29 Jun 2021 16:53:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15102

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Tue, 29 Jun 2021 16:53:43 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d2083a1a-a283-4f0f-8dae-174b607c3bf5
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2933
content-type
text/html; charset=utf-8
content-length
222
expires
Tue, 29 Jun 2021 00:00:00 GMT
18.gif
id5-sync.com/qp/ Frame 263A
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/6/2.gif?puid=df715faa-098f-47ba-b8bc-0f50fc8e9456&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMORNNymTIWiShVt0HdlEr1HpKYHU1lc6j7ksqkLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMORNNymTIWiShVt0HdlEr1HpKYHU1lc6j7ksqkLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp...
  • https://id5-sync.com/cq/464/124/5/3.gif?puid=12697f33-6600-4f2d-8b90-1e9c920d01d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/4/4.gif?puid=e_8f34eb42-e1fb-4470-b6c2-9ca490974ea6&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
  • https://id5-sync.com/c/464/9/3/5.gif?puid=_0zWnNCalOwGWOxVgmLgw8ugIkpTAQBfgxrn4Ko2udc&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&dom...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDv6AQNeabETwZsJ7SONK-g&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4741765832791749013&opid=apx&ops=&utidl=tech:goo:CAESEDv6AQNeabETwZsJ7SONK-g&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18324028428&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A18324028428&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 16:53:46 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A18324028428&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date
Tue, 29 Jun 2021 16:53:46 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 263A
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ttns9wiPCkaGEcRBGVDbYA
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ttns9wiPCkaGEcRBGVDbYA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Tue, 29 Jun 2021 16:53:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17677

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ttns9wiPCkaGEcRBGVDbYA
date
Tue, 29 Jun 2021 16:53:45 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 263A 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Tue, 29 Jun 2021 16:52:52 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 263A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=1bb9670c-8207-4a62-9e2a-2d38af2e5af6&ssp=taboola&user_group=1
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1b7a8e98-1164-4972-9f8b-1092244b1d35
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1b7a8e98-1164-4972-9f8b-1092244b1d35
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Tue, 29 Jun 2021 16:53:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12706

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1b7a8e98-1164-4972-9f8b-1092244b1d35
date
Tue, 29 Jun 2021 16:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 263A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&tbid=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598&query=taboola_hm%3D8edf7342-8e06-...
0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&tbid=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598&query=taboola_hm%3D8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1624985625.075178,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11546-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&tbid=d7b7edf0-359a-448f-888a-a61a5d58ca29-tuct7d4d598&query=taboola_hm%3D8edf7342-8e06-4fb2-89c0-2d8d80b02fe1&isDirect=0
tbl-x-upstream
10.40.0.134:10213
date
Tue, 29 Jun 2021 16:53:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14372
sd
u.openx.net/w/1.0/ Frame 263A 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 263A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4245f37-0eeb-51b4-b12b-ed03d1f0bd1a
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4245f37-0eeb-51b4-b12b-ed03d1f0bd1a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Tue, 29 Jun 2021 16:53:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13192

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4245f37-0eeb-51b4-b12b-ed03d1f0bd1a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 263A 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:45 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 263A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=bwS_AfiBQ0-nS4O_VA4sJA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc=&google_hm=bwS_AfiBQ0-nS4O_VA4sJA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&ui=bwS_AfiBQ0-nS4O_VA4sJA
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&ui=bwS_AfiBQ0-nS4O_VA4sJA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Tue, 29 Jun 2021 16:53:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
9402

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 16:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&ui=bwS_AfiBQ0-nS4O_VA4sJA
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 263A
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.83.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Tue, 29 Jun 2021 16:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 40F1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding
gzip
etag
"be95692a7dfb1dc3e8629518230a5ec3"
age
4913
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
899
x-amz-id-2
r6l3tKy2bpJUs2hDEPModElWrdrPvnCgDH9URgDwWqurcptvZXS47FQLozu4toPKdKPNOpwdjow=
x-served-by
cache-hhn11546-HHN
last-modified
Wed, 09 Jun 2021 22:03:44 GMT
server
AmazonS3
x-timer
S1624985625.061248,VS0,VE0
date
Tue, 29 Jun 2021 16:53:45 GMT
vary
Accept-Encoding
x-amz-request-id
MX4Q6N7CBJ0TZF9W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
60
x-cache-hits
84655
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3E35 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://adpatrof.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adpatrof.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 30 Jun 2021 16:53:47 GMT
Date
Tue, 29 Jun 2021 16:53:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
bounce
ib.adnxs.com/ Frame 3E35
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:45 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4ccab4e8-debb-4b81-905e-050a2226b4ab
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:45 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
733959d4-7d0c-47e1-a85b-c0dfe768a745
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
pips.taboola.com/ Frame 40F1 		64 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:53:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19126-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://adpatrof.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 40F1 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=2fde2a99-5e0c-4559-899a-513911ddfba5-tuct7d4d596&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adpatrof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Jun 2021 16:53:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
bounce
ib.adnxs.com/ Frame 3E35
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:46 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fe62530d-fcfc-43db-bf8f-75a0ef5d5581
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 16:53:46 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4f3b2224-6bd6-4a9f-92c2-51aedc1d2dbf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| cur function| fileQueued function| fileQueueError function| fileDialogComplete function| uploadStart function| uploadProgress function| uploadSuccess function| uploadError function| uploadComplete function| queueComplete object| swfobject function| activate_gold_key function| bonuser_paid_request_console_add_show function| bonuser_paid_request_console_remove_show function| bonuser_paid_request_console_close function| bonuser_paid_request_add function| bonuser_paid_request_remove function| read_get_param function| login_toggle function| get_display_text function| show_error function| load_recaptcha function| $ function| jQuery function| DP_jQuery_1624985619966 function| SWFUpload function| fabHash function| ajload function| isopra function| isAbSpeedMode string| recaptcha_public_key string| recaptcha2PublicKey function| toggle function| cache_img function| is_copy_to_clipboard_enabled function| enable_copy_to_cliboard_links function| copy_to_clipboard function| get_elements_by_class function| zero_pad function| send_payoff object| DFUtils string| http_abs_path string| http_static_path string| ssl_static_path string| http_ads_path string| lang string| user_country object| RecaptchaOptions boolean| pageTracker object| DF object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2cb2 function| _0x5eb9 object| unblockia object| jQuery18208673515398667999 number| wait number| wait_timer object| recaptcha object| regeneratorRuntime function| setImmediate function| clearImmediate function| tcpusher function| __fp-init boolean| _mgPageViewEndPoint544656 string| _mgPvid boolean| _mgPageView544656 object| g367CB268B1094004A3689751E7AC568F undefined| g undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature function| UAParser object| cintvls number| inmo boolean| _mgPageViewEndPoint437 boolean| _mgPageView437 object| jQuery183020966931761383267 boolean| _mgPageImp

5 Cookies

Domain/Path Name / Value
adsbb.dfiles.eu/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C830082%22%3A%7B%22page%22%3A1%2C%22time%22%3A1624985620902%7D%7D
adsbb.dfiles.eu/ Name: ad2946
Value: 1
adpatrof.com/ Name: SSID
Value: 19f6722a3ea779d433d0991d9f0bc78054fc644c
adsbb.dfiles.eu/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C7998%22%3A%7B%22page%22%3A1%2C%22time%22%3A1624985621198%7D%7D
dfiles.eu/files Name: g36FastPopSessionRequestNumber
Value: 1

3 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.830082.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/d/e/depositfiles.com.7998.js?t=12152916(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210629-6-RELEASE.js(Line 3)
Message:
Dynamic Translation load is enabled but response is missing the map. Using embedded solution

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
adpatrof.com
ads.betweendigital.com
ads.projectagoraservices.com
adsbb.dfiles.eu
beacon.krxd.net
bh.contextweb.com
bttrack.com
c.adskeeper.co.uk
c.mgid.com
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.doubleverify.com
cdn.engine.4dsply.com
cdn.taboola.com
cdn.unblockia.com
cds.taboola.com
ce.lijit.com
cm.adskeeper.co.uk
cm.g.doubleclick.net
cm.mgid.com
cm.steepto.com
cookie-matching.mediarithmics.com
depositfiles.com
dfiles.eu
dis.criteo.com
distinctleftmargaret.com
e1.emxdgt.com
eb2.3lift.com
engine.4dsply.com
eu-u.openx.net
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
jadserve.postrelease.com
js.wpushsdk.com
jsc.adskeeper.co.uk
jsc.mgid.com
match.adsrvr.org
match.taboola.com
p.crm4d.com
pagead2.googlesyndication.com
partner.blau.de
pips.taboola.com
pixel.rubiconproject.com
pixel.tapad.com
portal.blau.de
prg.smartadserver.com
prod.perf-serving.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagora.net
projectagoralibs.com
pw.wpu.sh
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s-img.adskeeper.co.uk
s-img.steepto.com
s.c.appier.net
sb.scorecardresearch.com
servicer.adskeeper.co.uk
servicer.mgid.com
simage2.pubmatic.com
static.depositfiles.com
sync-t1.taboola.com
sync.taboola.com
tps.doubleverify.com
tps20238.doubleverify.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
us-u.openx.net
vasgenerete.site
www.google.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
104.19.131.80
104.19.132.78
104.19.136.78
104.19.137.80
104.19.138.80
13.224.193.65
13.248.242.197
141.226.224.32
141.226.228.48
142.250.185.102
142.250.185.226
172.104.64.149
178.250.0.163
18.185.197.81
18.195.155.181
185.64.189.110
185.64.189.112
185.64.190.79
185.64.190.80
185.86.138.143
185.86.138.32
192.132.33.46
192.243.59.20
198.148.27.139
199.232.137.44
2.18.232.130
213.174.135.24
213.174.135.25
213.254.244.19
213.254.244.25
23.111.200.118
2606:4700:10::6816:3181
2606:4700:20::681a:686
2606:4700:20::ac43:49e4
2606:4700:3032::ac43:9028
2606:4700:3037::ac43:d405
2606:4700:3038::6815:eb9b
2606:4700::6810:9e11
2a00:1450:4001:800::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a02:26f0:64::215:f2cc
2a02:26f0:6c00:286::4469
2a04:4e42:3::300
3.127.166.11
34.254.209.142
35.156.198.184
35.157.83.29
35.227.248.159
35.244.159.8
37.252.172.249
46.4.62.19
51.195.5.40
51.38.250.95
51.75.198.14
52.207.161.225
52.28.82.26
52.34.145.6
54.72.232.11
54.77.47.243
65.9.77.30
69.173.144.165
72.251.249.13
82.113.101.236
84.200.5.215
94.242.227.135
94.242.227.151
94.242.227.224
94.242.236.53
03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2
05339fe72a6ee8a70e014def913cd23b925101146714a834da8fc68509417f6e
054bde4e1d273cd088678aeff7956ce65f606431632cfc2196020b1160fb9998
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08
0b1bee87d6dcefc534bd612d150fe9d9c2edcc8b93b93904ceba8f670286a8ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92
1a38e98e4bc21cbd747256e06f501a1049d69c481d5a1f852b49111e0801ec37
1c7330d95bcf7b78fed4aeaf43a7c6ab468788e00c989d719d53ff19efda44a0
1e45e1fa4e7466db5968a5d17b842403b17942a14d9e34d136ca506002513dec
2b22b5a44b3373ac1ed29b2e86f926daa8044dda24dcaf7e274d67c1e89aec41
2b7ce691506fa54092b36dd770aaca56bc76be8e1d76f238681190b94724f1e5
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0
3946e5d351efe1f651a463293376546a2e0cb9f39d7cbb0ccd10f345d1877d3b
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3
5130cf337b804444df10bfb1478cb194277f88d95e23538b96f8e4c4e3d0c402
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
533b81de8bb2348ac9e0bd96aa97492bee5a195c0159c5692f924b1ee1997b61
53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae
549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe
584808a06bdf4747c98bc2ff989224cbc10dc7e1b6e5cf3fe2d07f4472fcd6d1
5b31c79c41f60544f1c51eb3e0e643c8a846554c2c9152126922e960f1360879
5bf9eb050f1a8cf27c17de176c7ec47a7584a1da7b18e471b2645fed75ccd6a1
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
65f3773dccbaa109200b9b555a5d00258e972afdefd913943748a096500bdb32
6a7925cc7b40a9ac25b0c24578d98ad8548e5bf82cb7da9e91b1dbe59a53d0fa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
6c35f5b8233770e72198d8656dba0631e58e70e5da9fdac1b1601be627cac364
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
7582c46bd365f94b19d2892049f5e244b13b6583c4dd944df66502183ecd6b98
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
7d276bdd28c615c894e6a62d3c7c842d464ef5d55219e45e4ca8531cb77e177d
7e17b15a487f1e430fefab39f82984f6af6a165992aec73d2ef8d1a40d1e618f
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
81c6252fcdefa91de8fe4774beb814434f984e06563ffe512fc9ee24b75c4afc
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
831f9c6ee66c185172cdf0e2473aa30385aebf09f1fadcbefc0b80cf8feaf558
831fab83ee490530e6596a1700dd2aa9fbd745b410f4226f1a29aea7756f9aaf
880aa4caeabce90b6e4a16e7a564676bd8c12c96fbc12e233feeb9dea71e51a5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90d2b1a223b28411e21ab33aed497388d25b5e4ae56444e4ecbbca0bda42ec1c
930129ab69ba8919e9c71baf0c7df22b1b31c9fb26892aa9c34290fbc09bcca9
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
9b071145e8b79dd2326a2ef3298fa5b76167b9cc875a9e5ee48e129b87d2b390
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37
ae5e634cc6757b8d6390d95c7ba15f399d8cac326d2c6c53e89564f6aabcaee8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b
b472268bdc5107d267c9d909f674410383a4d1f4eb3409a1571fc00b5c8bdcf6
b6422cbb3df36c676ae690b13db678369337efb5792d7633d83d5dae5fb03ba2
b8254e1f77a5850e147ce538643c8460a950a677ba2e2973f6562a22cd022050
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c026002a15453f3e991c22e0a375a7c307dbe4f13ecb96786a8ac09982520858
c6660c9fa71639a920540cd53ae67ad7d94202e7da0cd9e1774f6d5ee2c42ec2
ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904
cb47ca87fdda1f54dbf73dba7f4cd66ea7ad2eea23205e2392e116c4447830cc
cd79c3ca06671f1088754dc301596e1b75d56fed54ec18956166ebd741fb7c72
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582
db84011ba1ac25770ed500dadf860e1d7165f0a398a565acd32ca8bc174db7b6
de4e4f7006cb081cd9d8c7cbd23e25622c054c3ec82031c3d02ca64a0244478a
dffcc8ec04ad96200140722be4f3e86113c2b71771d71a8024eac40356389b51
e083db3d0fc98d62fb9c33a1943ff2284cfc605f0a28fed3bd1bfe0fc2824ffb
e2212018d290581f6fe77040b95c57cae02496acd8d74cc3dfa499aec4224057
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4aaa48650cc4db095a6484c1d6331864bb6d2abc2e417c155aefca4f405a3d1
eb6d45b0177744fe6831b6acfbba4bc6c65e7906a35a29bde1c16d58a5520f2e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec47cc99a40bef4cf32c3a92c8e26a52783128f391d358ede0335f7fe226a718
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21c560bc5514cd0c56be54201f178bf771fe9423e569e7da477727d9e165263
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
f97f2c646f357421f6defbeec783cedef9c6cb4b32e6e817e43ee012433ae498