urlscan.io logo urlscan.io
SecurityTrails logo

filecr.com Open in urlscan Pro
2606:4700:3035::ac43:8bfc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://filecr.com/
Effective URL: https://filecr.com/en/
Submission: On February 02 via manual from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 10 countries across 75 domains to perform 348 HTTP transactions. The main IP is 2606:4700:3035::ac43:8bfc, located in United States and belongs to CLOUDFLARENET, US. The main domain is filecr.com. The Cisco Umbrella rank of the primary domain is 223315.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time filecr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 4 104.76.200.23 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
21 192.0.77.2 2635 (AUTOMATTIC)
3 94.31.29.32 6461 (ZAYO-6461)
1 2606:4700:303... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
9 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 35.157.246.167 16509 (AMAZON-02)
2 5 37.252.173.38 29990 (ASN-APPNEX)
1 178.250.0.165 44788 (ASN-CRITE...)
1 185.255.84.151 200271 (IGUANE-)
2 3.120.52.139 16509 (AMAZON-02)
3 3.214.91.80 14618 (AMAZON-AES)
5 2602:803:c003... 26667 (RUBICONPR...)
1 6 51.75.86.98 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 52.19.2.69 16509 (AMAZON-02)
1 18.157.232.7 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
6 7 185.64.190.78 62713 (AS-PUBMATIC)
8 43 142.250.186.34 15169 (GOOGLE)
4 8 69.173.144.139 26667 (RUBICONPR...)
6 10 13.248.245.213 16509 (AMAZON-02)
6 185.86.137.121 201081 (SMARTADSE...)
4 4 18.156.184.150 16509 (AMAZON-02)
8 8 3.126.56.137 16509 (AMAZON-02)
1 54.156.165.208 14618 (AMAZON-AES)
2 35.227.252.103 15169 (GOOGLE)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
2 2 18.194.103.50 16509 (AMAZON-02)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.0.157 44788 (ASN-CRITE...)
1 2.18.232.130 16625 (AKAMAI-AS)
1 2620:1ec:46::44 8068 (MICROSOFT...)
4 104.117.200.100 16625 (AKAMAI-AS)
5 8 35.71.131.137 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:22::14 8068 (MICROSOFT...)
5 6 18.197.84.79 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 209.54.177.54 16509 (AMAZON-02)
3 4 64.202.112.191 23352 (SERVERCEN...)
1 18 54.171.252.128 16509 (AMAZON-02)
2 67.202.105.24 32748 (STEADFAST)
1 4 2.18.234.21 16625 (AKAMAI-AS)
1 1 216.52.2.48 30282 (AS-INAPCD...)
7 7 213.19.147.45 26120 (RHYTHMONE)
1 18.204.253.249 14618 (AMAZON-AES)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 147.75.61.140 54825 (PACKET)
2 104.16.200.58 13335 (CLOUDFLAR...)
5 5 185.29.132.241 30419 (MEDIAMATH...)
1 2 185.86.139.115 201081 (SMARTADSE...)
1 2600:9000:205... 16509 (AMAZON-02)
3 5 37.157.2.237 198622 (ADFORM)
1 1 52.71.142.200 14618 (AMAZON-AES)
2 169.197.150.8 398989 (DEEPINTENT)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 3 151.101.194.49 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 37.252.172.38 29990 (ASN-APPNEX)
2 2 96.46.186.58 7979 (SERVERS-COM)
3 4 64.202.112.95 23352 (SERVERCEN...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.244.159.8 15169 (GOOGLE)
1 1 44.193.191.16 14618 (AMAZON-AES)
1 1 3.227.93.166 14618 (AMAZON-AES)
1 150.136.222.2 31898 (ORACLE-BM...)
1 1 104.111.215.191 16625 (AKAMAI-AS)
2 2 34.248.198.194 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 2.18.233.180 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.56 4694 (IDCF IDC ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 213.155.156.164 1299 (TWELVE99 ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 51.210.112.236 16276 (OVH)
2 2 63.35.242.195 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.122.14.34 36351 (SOFTLAYER)
348 74
21    2606:4700:3035::ac43:8bfc (United States)

ASN13335 (CLOUDFLARENET, US)
filecr.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    104.76.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i3.wp.com
i2.wp.com
i0.wp.com
i1.wp.com
3    94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2606:4700:3034::ac43:9465 (United States)

ASN13335 (CLOUDFLARENET, US)
webcrx.io
13    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
10    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
5    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    3.120.52.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-139.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
5    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    52.19.2.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    18.157.232.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-232-7.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
43    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
5    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
43    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
10    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    18.156.184.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-184-150.eu-central-1.compute.amazonaws.com
pixel.advertising.com
8    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.156.165.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-165-208.compute-1.amazonaws.com
sync.adaptv.advertising.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    18.194.103.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-103-50.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
4    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    18.197.84.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
18    54.171.252.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
7    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    18.204.253.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-253-249.compute-1.amazonaws.com
jadserve.postrelease.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:2057:8e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    52.71.142.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-142-200.compute-1.amazonaws.com
sync.extend.tv
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2606:4700::6810:78c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    96.46.186.58 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    3.227.93.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-93-166.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.222.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.248.198.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-198-194.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
601 KB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
278 KB
23 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
8 KB
21 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
30 KB
21 wp.com
i3.wp.com — Cisco Umbrella Rank: 46854
i2.wp.com — Cisco Umbrella Rank: 5086
i0.wp.com — Cisco Umbrella Rank: 3215
i1.wp.com — Cisco Umbrella Rank: 5313
96 KB
21 filecr.com
filecr.com — Cisco Umbrella Rank: 223315
225 KB
19 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
ads.pubmatic.com — Cisco Umbrella Rank: 473
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
30 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com — Cisco Umbrella Rank: 1288
5 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
126 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 600
eb2.3lift.com — Cisco Umbrella Rank: 389
5 KB
10 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1823
public.servenobid.com — Cisco Umbrella Rank: 3540
7 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
327 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
3 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
2 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com — Cisco Umbrella Rank: 565
secure.adnxs.com — Cisco Umbrella Rank: 404
22 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
3 KB
5 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
sync.adaptv.advertising.com — Cisco Umbrella Rank: 14903
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
7 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
1 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
6 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
2 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
us-u.openx.net — Cisco Umbrella Rank: 359
841 B
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
match.sharethrough.com — Cisco Umbrella Rank: 637
930 B
4 media.net
contextual.media.net — Cisco Umbrella Rank: 516
cs.media.net — Cisco Umbrella Rank: 1922
140 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
740 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
3 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 11970
ecs.mantisadnetwork.com — Cisco Umbrella Rank: 23153
959 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2366
mp.4dex.io — Cisco Umbrella Rank: 2499
24 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
3 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 16454
192 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
897 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
883 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
695 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
616 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
953 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
1 KB
2 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 6448
392 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
83 B
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 6694
25 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
942 B
2 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2343
ssc-cms.33across.com — Cisco Umbrella Rank: 877
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
57 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
33 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
611 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
696 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
382 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
1 KB
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
428 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
604 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
380 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
241 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
311 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
474 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
427 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
590 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
922 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
250 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4305
704 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
644 B
1 webcrx.io
webcrx.io
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
348 75
Domain Requested by
43 cm.g.doubleclick.net 8 redirects 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
eb2.3lift.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
43 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
tpc.googlesyndication.com
22 pagead2.googlesyndication.com filecr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
21 filecr.com 2 redirects filecr.com
17 rtb.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 eb2.3lift.com 6 redirects cdn4.buysellads.net
eb2.3lift.com
10 c2shb.ssp.yahoo.com cdn4.buysellads.net
9 www.gstatic.com googleads.g.doubleclick.net
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
9 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
9 www.googletagservices.com cdn4.buysellads.net
googleads.g.doubleclick.net
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
8 match.adsrvr.org 5 redirects eb2.3lift.com
ssum-sec.casalemedia.com
8 ups.analytics.yahoo.com 8 redirects
8 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
filecr.com
8 i3.wp.com filecr.com
7 image6.pubmatic.com 6 redirects ads.pubmatic.com
6 x.bidswitch.net 5 redirects eb2.3lift.com
6 ssbsync.smartadserver.com 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
public.servenobid.com
g2.gumgum.com
6 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 onetag-sys.com 1 redirects cdn4.buysellads.net
public.servenobid.com
6 i0.wp.com filecr.com
5 simage2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 sync.1rx.io 5 redirects
5 www.google.com 2 redirects 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 ib.adnxs.com 2 redirects cdn4.buysellads.net
acdn.adnxs.com
5 i1.wp.com filecr.com
4 image2.pubmatic.com ads.pubmatic.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 b1sync.zemanta.com 3 redirects ssbsync.smartadserver.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com cdn4.buysellads.net
eus.rubiconproject.com
g2.gumgum.com
4 pr-bh.ybp.yahoo.com 4 redirects
4 pixel.advertising.com 4 redirects
3 sync-tm.everesttech.net 3 redirects
3 token.rubiconproject.com 3 redirects
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 cs.media.net 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 cdn4.buysellads.net filecr.com
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 ads.pubmatic.com g2.gumgum.com
ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 us-u.openx.net 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 pre.glotgrx.com mantodea.mantisadnetwork.com
2 match.deepintent.com ssum-sec.casalemedia.com
g2.gumgum.com
2 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 sync.targeting.unrulymedia.com 2 redirects
2 match.sharethrough.com 2 redirects
2 ap.lijit.com 2 redirects
2 rtb.openx.net 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 mantodea.mantisadnetwork.com cdn4.buysellads.net
2 btlr.sharethrough.com cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 i2.wp.com filecr.com
2 cdnjs.cloudflare.com filecr.com
cdnjs.cloudflare.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssc-cms.33across.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 id.rlcdn.com
1 ads.yahoo.com
1 bttrack.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 s.ad.smaato.net ssbsync.smartadserver.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 jadserve.postrelease.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 ssum-sec.casalemedia.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 public.servenobid.com cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 mug.criteo.com gum.criteo.com
1 sync.adaptv.advertising.com 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
1 tlx.3lift.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 webcrx.io filecr.com
1 www.googletagmanager.com filecr.com
1 contextual.media.net filecr.com
348 114

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 54 frames:

Primary Page: https://filecr.com/en/
Frame ID: 538B8380C66CBC205C413F1821B23B68
Requests: 101 HTTP requests in this frame

Frame: https://webcrx.io/extension/comm
Frame ID: E28FE347B8D6630F83DEF5EF0D0B600C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Frame ID: 8440A26162CAD2997742B78C89AD9180
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1643789566&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565895&bpp=4&bdt=495&idt=295&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=758259895464&frm=20&pv=2&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: 4AD1B3D3A0D42E9CBEDA268B70385411
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Frame ID: 5656FB15636D8144BCAE48BFFD637B0B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Frame ID: 84AB0D390D70BA06D484BC3D90043D06
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Frame ID: F66DBF440F2015ECF2885AD110289137
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E20E5D04722FB03B400B43964F89F810
Requests: 7 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 59E8134385206EF4EAD9235B75267B7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A62B9F6D5F43DE39F03E51691F603EF8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B410477D3D2EF6163BFB7805498EDCCF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: 40B6BD2CFED2F1C18B0A917806811DDB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: 7432709528535EDE2167E83AF62A5738
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: 3A12CA16C88FABBC8A2233D7C9EEC087
Requests: 1 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C936BFD6668E25AF81FA92A4879D6C45
Requests: 12 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF00974756DCC0EBB8022B8F88B664B2
Requests: 13 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28F83BAA4B3DB05CA6BAA859FFD16E5F
Requests: 12 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1ABA087164F561622988D23558246DA6
Requests: 11 HTTP requests in this frame

Frame: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C57A461F9A01D1007D3C6B724FE607CC
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 842974BA86DD9CCB4C8114AE7A69957B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3B9773D5AF29EE6412CF6B53B11F3F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9C3C24D16A57F75CEC9512D211350D3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3CBB1AC6DA1532EC74E313B93341524A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79C575BFF31404310E22ADD0A4B41E4B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DACE762F52E8293C56A53F1D18487BB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64CC5F4E81B8DB1175C53253EF5C50CC
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Frame ID: D7A2EE3A9426DDD0249FA256AFB66AF2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 21E86425D2451BA5A35F687C7B765F86
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 056D1762F47FAFD07827E99299FDA500
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643789566781
Frame ID: F44D551CA0231320788CA42219DCBED4
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F9F5F17C72618E54D119914B7EF6FD0F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2E0ECE20F9D48C8D4D09E9AB987B260F
Requests: 10 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Frame ID: E34CA328F0976A5DC6659DC005F036AA
Requests: 6 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 70878598134FC2436AA63FDA3A52F51B
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 3B89505B287B4230894D35160EA30056
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A0637D02630DE20E42BE10E5A44DF15D
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 708C06C5E62AEA399349BCAC73D900F2
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F176687CEEE92034ACB3BA1E65A3A672
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Frame ID: CD6A4281DB5B2C8CE5DCB579F7495BAA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=Yfo9AgADGQhXmwAy&gdpr=0&gdpr_consent=
Frame ID: 0F3B17EE9C8DB9EAD53B325D039C3920
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMTM2YjI1Yi1hNDE1LTQ0ZGItOGM2MS01MjhmYmVmYTZmYmI=&gdpr=0&gdpr_consent=
Frame ID: 75686978CEE6382C42BD371DCC779BE3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 11FCD846328FE381659342063BD84B9F
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 39B5C2C1C2D6A41DF3263A5691C70F5E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=3cd50a9e-3724-4b5e-85c0-16da0597e344&t=1646381570
Frame ID: 903F3BD37ED57BC6093FA51E817CA649
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0450EAC658D2BD3B0717B74A7BB26CA1
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 89346CAA219377F7FDAD4F8D08E706EF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Yfo9A8Co5s4AAN8eEikAAAAA
Frame ID: 546A382DFA6069389611AB464D280B8C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=j25hmhbmPeb0o4N6N142&pi=gumgum&tc=1
Frame ID: E87F6DFC046C89E44D0062E31CCE8131
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
Frame ID: 82849DD2F851DB4FF241BB55B02206E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1534326959032289301
Frame ID: AFBF9714E228BDB79D4245C7822F495D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Frame ID: 98CB78B2F0F81B32288D9647BCE38201
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B0A307612E7D927B1E1EEE4F9F3907A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7060022444665469082
Frame ID: F2B1586B3EB878E942B7E2D6EE468788
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
Frame ID: 9E633B40623ED887D5C97B2398D660E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FileCR - THE BIGGEST SOFTWARE STORE

Page URL History Show full URLs

  1. https://filecr.com/ HTTP 301
    https://filecr.com/en HTTP 301
    https://filecr.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

348
Requests

80 %
HTTPS

28 %
IPv6

75
Domains

114
Subdomains

74
IPs

10
Countries

2298 kB
Transfer

6355 kB
Size

107
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://filecr.com/ HTTP 301
    https://filecr.com/en HTTP 301
    https://filecr.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 137
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 206
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPKJk9ptXdU-3-P2C_Q190bUUk9qhYj5ZG2ROt2yGKB2WNJj-qEQTK_5SmAUWGEjlGhkHhSV0Ua-LnAtfTKMpCS2IR3-Fq0vhg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPKJk9ptXdU-3-P2C_Q190bUUk9qhYj5ZG2ROt2yGKB2WNJj-qEQTK_5SmAUWGEjlGhkHhSV0Ua-LnAtfTKMpCS2IR3-Fq0vhg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oy4qkU_ISdGLrs4Dkiyjqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKJk9ptXdU-3-P2C_Q190bUUk9qhYj5ZG2ROt2yGKB2WNJj-qEQTK_5SmAUWGEjlGhkHhSV0Ua-LnAtfTKMpCS2IR3-Fq0vhg
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbheFkwVpfHLuSXjHmm_Qkl36g3WzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbheFkwVpfHLuSXjHmm_Qkl36g3WzQ
Request Chain 208
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ
Request Chain 209
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephRdhcvqlZnlZ0CmJWVOFGqIv0Jie7IQwPN4N2rlfd2z-gNCoS5c0IHcZisAtH5nWEwxBUdzEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephRdhcvqlZnlZ0CmJWVOFGqIv0Jie7IQwPN4N2rlfd2z-gNCoS5c0IHcZisAtH5nWEwxBUdzEA&gdpr=&gdpr_consent=
Request Chain 211
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs&apid=UPe85adacc-83ff-11ec-a345-0203a971bd4a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs
Request Chain 212
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCxdgqDEdKZvOjD3KgYEkBqxS3Wtqzso HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCxdgqDEdKZvOjD3KgYEkBqxS3Wtqzso&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCxdgqDEdKZvOjD3KgYEkBqxS3Wtqzso
Request Chain 216
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPJwG7G0We5Z2DRd3P0XbBM1OF2IBuq-ZWZbyh2NE41g6ubxiiUZBB59OZAiHWChwhwqHw0bRlhP-ipt3a2iL9pBOJjqMXeH HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPJwG7G0We5Z2DRd3P0XbBM1OF2IBuq-ZWZbyh2NE41g6ubxiiUZBB59OZAiHWChwhwqHw0bRlhP-ipt3a2iL9pBOJjqMXeH&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwG7G0We5Z2DRd3P0XbBM1OF2IBuq-ZWZbyh2NE41g6ubxiiUZBB59OZAiHWChwhwqHw0bRlhP-ipt3a2iL9pBOJjqMXeH
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QOL3o7CFetGiFJRqo7Lr8eLD9PU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QOL3o7CFetGiFJRqo7Lr8eLD9PU
Request Chain 218
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE86Bpm_oND52b27FelIwC0&google_cver=1&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE86Bpm_oND52b27FelIwC0&google_cver=1&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80&google_hm=43ca6a95119037558d0855c7
Request Chain 219
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ&apid=UPe85adacc-83ff-11ec-a345-0203a971bd4a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ
Request Chain 220
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEx_6BM1AM-0-27C-60CTyo&google_cver=1&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_RQ85aNFdgEVLxywPUcbRQkMN_8xFVtrNIf9xQsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjUxYjZlNGYtYTc3YS00YTAxLTk2NjAtYmFhNjA2NGExOGQ3&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_RQ85aNFdgEVLxywPUcbRQkMN_8xFVtrNIf9xQsg
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIq2hRS-dMCwXWyoTC6ciOQ&google_cver=1&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag&google_hm=ODkyMjkzMjI0MTA5NTI4MTM3MQ%3D%3D
Request Chain 223
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SBMOsm7iPMf0aFxr4C_FOwRRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SBMOsm7iPMf0aFxr4C_FOwRRw
Request Chain 224
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1
Request Chain 225
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA
Request Chain 226
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c3JGwV4YODv5i5nYfW9_91epDQfDZ4u7AfNhvckbynVEIHbCmGy7NOtV8Lx_lD1vKk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c3JGwV4YODv5i5nYfW9_91epDQfDZ4u7AfNhvckbynVEIHbCmGy7NOtV8Lx_lD1vKk&gdpr=&gdpr_consent=
Request Chain 228
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGNwe4bYjkr1PRvDIiI7y6U&google_cver=1&google_push=AYg5qPKOWgrjRRbr5rE3NfkcVub62m8ob0l-jCQ8pcz-hOnyiypzdsAT5d7b2JvkmikfkrgyBB5-fyb5fxo5bShM_G1ECceaUGk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKOWgrjRRbr5rE3NfkcVub62m8ob0l-jCQ8pcz-hOnyiypzdsAT5d7b2JvkmikfkrgyBB5-fyb5fxo5bShM_G1ECceaUGk HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 230
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P-LhLYUOEAX-cTwrvQZKl2yaM9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P-LhLYUOEAX-cTwrvQZKl2yaM9
Request Chain 231
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc
Request Chain 232
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEGNwe4bYjkr1PRvDIiI7y6U&google_cver=1&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
Request Chain 233
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdCxy1jfUeHx2oXJmlU3gdjndqkmW3G9Z1_nWzzSJb2rQlcNgqXQVLNgFZPtlQmIPuuM9VE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdCxy1jfUeHx2oXJmlU3gdjndqkmW3G9Z1_nWzzSJb2rQlcNgqXQVLNgFZPtlQmIPuuM9VE&gdpr=&gdpr_consent=
Request Chain 235
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrCmMyZTLX-or63zypkOriMiWrTvF2Q HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrCmMyZTLX-or63zypkOriMiWrTvF2Q&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrCmMyZTLX-or63zypkOriMiWrTvF2Q
Request Chain 236
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEx_6BM1AM-0-27C-60CTyo&google_cver=1&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1sKfrkiBxyJUvD9AsY-8a6_JWD5xnO0q1FLU59iA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDAxZDFkNGQtNTAwNi00ZjY2LWJiMWMtODU3NTBhODE2MjE0&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1sKfrkiBxyJUvD9AsY-8a6_JWD5xnO0q1FLU59iA
Request Chain 242
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIq2hRS-dMCwXWyoTC6ciOQ&google_cver=1&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS9fUuF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS9fUuF&google_hm=NDM4NTMzODE5MzQzNDU0OTgy
Request Chain 244
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPKwdgqfzCkjXyj6YyMbm6N31sikWwaPvKl2-FcxESDuLkwVFrm3S7AfcxS7WooohWC_PwBcalg9UItDka_hIaVkn9uE5Yg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOl8v3MsT_zH932v5v1eYro&google_cver=1&google_push=AYg5qPKwdgqfzCkjXyj6YyMbm6N31sikWwaPvKl2-FcxESDuLkwVFrm3S7AfcxS7WooohWC_PwBcalg9UItDka_hIaVkn9uE5Yg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwdgqfzCkjXyj6YyMbm6N31sikWwaPvKl2-FcxESDuLkwVFrm3S7AfcxS7WooohWC_PwBcalg9UItDka_hIaVkn9uE5Yg
Request Chain 245
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb
Request Chain 246
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsceC4jf5cDVpbxkZ7XnOocDvP8URWJ_1bq7UH02 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsceC4jf5cDVpbxkZ7XnOocDvP8URWJ_1bq7UH02
Request Chain 248
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOUAxtODq5RaGy1I3HWculOqOEhLcrZgrirOU0PedjM0zECQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOUAxtODq5RaGy1I3HWculOqOEhLcrZgrirOU0PedjM0zECQ
Request Chain 251
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2vFyA3wxR3pDdGdMNm90Y0xKQkVDWEpUcGZ3QzdYSDQ3QjlQL2NLZy80NEZoYWNZTzc1WFpiUXdqWTJOUGJXdzI1QmtwRUduN1o3SHpqei9BZm5vKzUxczUwdkUzWXgwOVZlZHVCOE92dG1TeDdDYkJKZ3A5R3BVdy9HYkVXMnc2ODliandNMkNsZk94bmFiUWZxVGNheG9BZ3BGYmRmU0NmZVpaU3k4N0hZamo3amM3Qnp6ZGRJWWRiWC8zaCtkSEdjWTNDckhmLzZEdjVJVlpIZWVlMkJxekQzOHBUVU45UVRXa09vand4Tk1WK3FiYzRoV1YxNGN0QkZRYkdxZGdjcW5FbHRVb21SZk9RWnIzUnZYbFlaZW5sZz09fA&cppv=2
Request Chain 265
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
Request Chain 267
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw
Request Chain 269
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/344978158904687432850?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bu1gQU9E2oQ2pp2EzgGYrJ_GWGDkjjuNaQpYRCveUw--~A&dongle=0883
Request Chain 272
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=344978158904687432850 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=344978158904687432850&dcc=t
Request Chain 273
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 281
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7369271105066138859
Request Chain 282
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=43ca6a95119037558d0855c7
Request Chain 283
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643789570264 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=824521097 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3cd50a9e-3724-4b5e-85c0-16da0597e344 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41df737c-f8fc-4082-a490-a34f5019f694-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-41df737c-f8fc-4082-a490-a34f5019f694-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
Request Chain 285
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588519407665678
Request Chain 287
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=f5d5c7eb-9888-43e3-ab91-7a63b9734687&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-8QjVchBE2uHpqfl4gD6Bfz4SghtcDqgmXCGqB.c-~A
Request Chain 290
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=3cd50a9e-3724-4b5e-85c0-16da0597e344
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329561fa-3d02-4400-90f5-5ff0e1d4ba61&gdpr=0&gdpr_consent=
Request Chain 293
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTA4NDY1NTQyNDYxMjQ2NzEx&gdpr=0&gdpr_consent=
Request Chain 298
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&dcc=t
Request Chain 299
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yfo9ALx4MYZX5dh2.bIupgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmVifWGF_2-wWJR7x4-Ej0&google_cver=1&gdpr=1&google_hm=2
Request Chain 301
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=df713142-2849-4035-8aed-2bbfb371833c
Request Chain 305
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ59V79A-D-CT7C&sigv=1&esig=2~91e93b279639e799b08b84354a993dd4594ac59a
Request Chain 306
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD
Request Chain 307
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Yfo9AgADGQhXmwAy HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfo9AgADGQhXmwAy&_test=Yfo9AgADGQhXmwAy
Request Chain 308
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELFgSsOsxUVnsta0p6clNgk&google_cver=1
Request Chain 312
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk1ZTg0YzViNGFlNjA1NmNiNjkyYTU5MjVjM2Y0ZTUxMTkzODQyNg
Request Chain 316
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7369271105066138859
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8759b905-a7a2-5321-8dbb-dac6ec41e7c4&ssp=gumgum2&expires=30&user_group=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
Request Chain 318
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28y7YaRo_MSu89RprmB1YLvOFvEr1y5FxIhsC67ccV17ZgGLwhjVJZnZtfrar5azts%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28y7YaRo_MSu89RprmB1YLvOFvEr1y5FxIhsC67ccV17ZgGLwhjVJZnZtfrar5azts%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1136b25b-a415-44db-8c61-528fbefa6fbb&obuid=ENC(y7YaRo_MSu89RprmB1YLvOFvEr1y5FxIhsC67ccV17ZgGLwhjVJZnZtfrar5azts) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7060022444665469082
Request Chain 319
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=892343b6-1827-493c-a3ec-22c4b49f3efb
Request Chain 320
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-12853e9d-a79d-49e6-6e61-64510a2cb84d$ip$217.64.151.7
Request Chain 321
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-T8VOUNNE2pf5kJZxcJsU65PcQcXZIsfAK6Ot~A
Request Chain 322
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=e9fe0358-83ff-11ec-8a96-67f41156c3d5
Request Chain 325
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=tDqj8K_Q30b0His--dfF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CEOFVDQS27KEZTAYRQJBUXGLJNMRTEMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CEOFVDQS27KEZTAYRQJBUXGLJNMRTEMJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=tDqj8K_Q30b0His--dfF&us_privacy=1---
Request Chain 326
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=ee4f2a14-18b5-4243-ba0b-d0de3e01409e
Request Chain 327
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41df737c-f8fc-4082-a490-a34f5019f694-003&rndcb=2882804805 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e&google_hm=MTNkY2YzYmYtMGY1My00MmZmLTg2ODktZWEzMDFmY2Y1Yjhl HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBTNh42A8mE40O1w6Xfkm-E&google_cver=1&ssp=adconductor&bsw_param=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/13dcf3bf-0f53-42ff-8689-ea301fcf5b8e?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41df737c-f8fc-4082-a490-a34f5019f694-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-41df737c-f8fc-4082-a490-a34f5019f694-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
Request Chain 328
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=sTLI5anQJ8oT&ev=1&pid=558355
Request Chain 331
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Request Chain 332
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=Yfo9AgADGQhXmwAy&gdpr=0&gdpr_consent=
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=3cd50a9e-3724-4b5e-85c0-16da0597e344&t=1646381570
Request Chain 337
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 339
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Yfo9A8Co5s4AAN8eEikAAAAA
Request Chain 340
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=j25hmhbmPeb0o4N6N142&pi=gumgum&tc=1
Request Chain 344
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
Request Chain 345
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1534326959032289301
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Request Chain 347
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 348
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7060022444665469082
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 351
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Request Chain 352
  • https://pixel.onaudience.com/?partner=214&mapped=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3bf965d7c8087c4e3a2d927f57263335 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b64d1c5df1a2071b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-46331247bc21&zcluid=b64d1c5df1a2071b&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPmQwKvakFEwBZrsjt03GeI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-46331247bc21&zcluid=b64d1c5df1a2071b&zdid=1332
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qjc0QjE1MTktRUJCMi00REQxLUExOTgtMkMyNDlFRDBCM0VG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJWDI402EzKt4ctg-s6L9Uc&google_cver=1
Request Chain 356
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1434781866090427069
Request Chain 357
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cd50a9e-3724-4b5e-85c0-16da0597e344
Request Chain 358
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7369271105066138859&gdpr=0&gdpr_consent=

348 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
filecr.com/en/
Redirect Chain
  • https://filecr.com/
  • https://filecr.com/en
  • https://filecr.com/en/
180 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27 PleskLin
Resource Hash
58a65716b244a462a9a7616ab18a60cf8e7ab0d08c630114ca614e2df95a7d91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.27 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://filecr.com/wp-json/>; rel="https://api.w.org/", <https://filecr.com/wp-json/wp/v2/pages/57680>; rel="alternate"; type="application/json", <https://filecr.com/?p=57680>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhdemE8so3b4WdqRkjHyIKmqcpJmr7AyKxqHDB%2BpkvZyX7flNCpQXLO7fLd1pj6k4dOV%2BU1MsdUdO%2BcmB9cjrk%2F08OzbrasXHSpeUSnwXisUQppG92qHUGX%2BRsLvcRKzp8ohUzRDbVAF"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d71f4cdeb733762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-type
text/html; charset=UTF-8
location
https://filecr.com/en/
x-powered-by
PHP/7.4.27 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-redirect-by
WordPress
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YurunfrUUCY0bU%2F3rFPwNtRD7EqpNm77ndD7QLC%2BAF9ThmuD4NgQu3UByr9YUzS8MzOL07%2BuLe%2Fa%2FqaVJmTn1jSbo7sqcYypdBEPzrj0mrutLb1WDhm2ylfAVQZLXtsUtGVHDgJ64cLK"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d71f4cc0c8883b4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2380437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2222
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-32ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGBCFF2%2BLsVSJQI%2B31fr5sXpDy%2Fl5%2Bv%2FbuIeBgeRbOc64y%2BseOgnmgafcG6P7IdNRx%2BV8nFBA%2FH96udMWtqqZz485wfG6Le9fsWYWchsAszE%2BsDOzr9Oy84IU1Mzcr06oPkCJnJl2K3tyTcKba64c%2Fd3"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d71f4d06f2a5a0d-MXP
expires
Mon, 23 Jan 2023 08:12:45 GMT
style.min.css
filecr.com/wp-includes/css/dist/block-library/ 		77 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6601
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 21:21:40 GMT
server
cloudflare
etag
W/"61f1bb64-1357b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEXAF%2FVC60iypstpzSvR8YjeHt%2F%2BBahEmkXJNeA4BXTAjv%2BuH2r8EF7Kde%2BBMt9tPJsT89tDZ1f3cogL9ka4kCa0tF%2BvbC7k5HkWRSHagR6QEHc%2F8PE2w3IuHETCKDeVt9Mwoku8faq9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6d71f4cfe81d3762-MXP
style.css
filecr.com/wp-content/themes/filecr/ 		61 B
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/style.css?ver=5.9
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6601
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"19c-5cc72c9e32d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OVftTsP0IThLOPHVBDacrvZLimWerKgJ3nMgEGc9hOJ9hb2WIs%2FsNbG%2Bxla%2FUyFPt%2FuRNtfzEFg9Ox6ledO%2By%2BKx17W10OXBSV6J7UoODDvddd4jXUtC5ANu%2FCVrZGjbP%2B74lM0IBm8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=412
cf-ray
6d71f4cfe8203762-MXP
cf-bgj
minify
style.min.css
filecr.com/wp-content/themes/filecr/assets/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/css/style.min.css?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5569
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-1adb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWZyzerBMrXAcFcmI4aC%2B9VFIMOySxXRFHVJrdKqbFiTSpNGXZQZ50yW1osJPf0vguBdXZLo4tina3xHCkPzPycNAfemnpYRPcQBKF%2FDoYBHvJJ7IJwJsWbevaHvO9DFWrGPaiKfGmW%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6d71f4cfe8253762-MXP
main.js
filecr.com/wp-content/plugins/wp-custom-parameter/js/ 		245 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/wp-custom-parameter/js/main.js?ver=1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3191
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 13:43:35 GMT
server
cloudflare
etag
W/"10e-5cc95b36c8687-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVfnHB75mgFb5kZzfX2vj81fIVB1l%2BrSlAyKYsL380rYk40nt0Ztx9JFE9pLaX0iiXWC680bEbB1krQ%2BVDeDwqQPlfvB9h58wQyRXR9Oo2L57jEuB7kDDCgiV12CJjn%2B5n5u%2BFoP%2Fwoa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=270
cf-ray
6d71f4cfe8263762-MXP
cf-bgj
minify
jquery.min.js
filecr.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2234
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQNS2Mf0chJEv9k0J6SxUVWl2yeWD2ixlAbuAZWEZRFEaxKliwXqWELLGSuOhBG9W%2FgrTiUoRZThEJ0T3TmgW7E6H5hQtjxmkByS0K%2FUN3Dfbb5opP49ge%2F0ePirwqDRXjLwqah0RZhG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4cfe8283762-MXP
jquery-migrate.min.js
filecr.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2234
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivtDwdYGuIOkb9CWaI7ctoqGgCWJ5%2Fh%2FYgzqwwMA%2BEerJ%2Bwurnef5P4J2Tvo4D9nnSFH%2F4hdNPNMKcINmxwsEEUrrKuucYwMRxjYlX%2B5JpYhX2KP7b5Vn37Qgd4tnPUD2gv5msLtjqDa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4cfe82a3762-MXP
advanced.min.js
filecr.com/wp-content/plugins/advanced-ads/public/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.31.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2136
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 15:40:02 GMT
server
cloudflare
etag
W/"61f019d2-29e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhtgMjZEBD1%2F0Mf%2F6%2Ff%2F27C%2FXWpaS%2FHO8xReFzFin3FYbzsqhA40hzbDmkPVvU2V7NiuPbfcTlGwAuxKC7J3hLXCoEKBkueEknLcA%2FKw%2B8Do2f4NqJP%2FipKxhIvQiq01yjuJcULD1Avd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4cfe82d3762-MXP
dmedianet.js
contextual.media.net/ 		430 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU709Q2E
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4223faa6ecd3e1d8911433c2eab68358e116cecb9b89a013201a07d4bd5aac4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-mnt-h
8-13
content-encoding
gzip
server
Apache
etag
"b3ba981da6c024a1a6dc51df19fba828"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 02 Feb 2022 08:12:45 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-10
expires
Wed, 02 Feb 2022 08:17:45 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44241aaf2a8c74295fc14fb7a9d4cadb0b5c575873aa1fae2c8da515ef05be42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36178
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Feb 2022 08:12:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9acd2877f41dbadea698aae9273910aee02d94f9947640f232ea755e8fb75962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52565
x-xss-protection
0
server
cafe
etag
711591157123756889
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 08:12:45 GMT
Ratiborus-KMS-Tools.png
i3.wp.com/filecr.com/wp-content/uploads/2020/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/08/Ratiborus-KMS-Tools.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6ae3d44fee370431559252a28e559634242520dbf7ba0e5896ce83081018d68c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:18:49 GMT
server
nginx
etag
"7d95ddaf88889bd2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/Ratiborus-KMS-Tools.png>; rel="canonical"
content-length
10420
expires
Fri, 31 Mar 2023 01:18:49 GMT
Adobe_Animate_CC_icon.png
i2.wp.com/filecr.com/wp-content/uploads/2020/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2020/08/Adobe_Animate_CC_icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
27db928f8c709b35ad57ebf9861ce524047078e7b7d15da57469ba3c6ca351aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:18:50 GMT
server
nginx
etag
"6a237a86e70af5b8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/Adobe_Animate_CC_icon.png>; rel="canonical"
content-length
2232
expires
Fri, 31 Mar 2023 01:18:50 GMT
MAGIX-Video-Pro-X.png
i0.wp.com/filecr.com/wp-content/uploads/2020/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/02/MAGIX-Video-Pro-X.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7cd1bd9e752db279ba54233f3e092f8d676fcdf6159928e2e55b5726ab673f0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 15:28:34 GMT
server
nginx
etag
"a42825b5b10f042f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/02/MAGIX-Video-Pro-X.png>; rel="canonical"
content-length
2632
expires
Fri, 31 Mar 2023 03:28:34 GMT
Icon_MAGIX-Photostory-Deluxe_free-download.png
i0.wp.com/filecr.com/wp-content/uploads/2018/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2018/12/Icon_MAGIX-Photostory-Deluxe_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7a8201b76eef065d6ecdbde1ccbb8e3db107ba3f4add934b1250ea98508b8ae5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 14:13:41 GMT
server
nginx
etag
"6d98900060ae9aca"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/Icon_MAGIX-Photostory-Deluxe_free-download.png>; rel="canonical"
content-length
1504
expires
Sat, 01 Apr 2023 02:13:41 GMT
ZBrush-icon.png
i3.wp.com/filecr.com/wp-content/uploads/2020/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/08/ZBrush-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
38519c2b577e3bee0a43a7e434bc8cc45eae9caf344ab59d86ec6801b436d9ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:40:16 GMT
server
nginx
etag
"ba296bf7f9b91515"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/ZBrush-icon.png>; rel="canonical"
content-length
3414
expires
Fri, 31 Mar 2023 01:40:16 GMT
Ableton-Live-Suite-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2021/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2021/03/Ableton-Live-Suite-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
541ab11e484dec4849db45b0af9e95796552daad45f5bcce145c025caacb3f2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jul 2021 13:00:51 GMT
server
nginx
etag
"82f27068edb390fd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/03/Ableton-Live-Suite-Logo.png>; rel="canonical"
content-length
8318
expires
Thu, 13 Jul 2023 01:00:51 GMT
MAGIX-Movie-Edit.png
i3.wp.com/filecr.com/wp-content/uploads/2021/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2021/02/MAGIX-Movie-Edit.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b59e4017c7a2b361c19adb330e81f80699131236987ec4ffa8e5700120debc99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 14:47:45 GMT
server
nginx
etag
"cd8ef83e1e6945df"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/02/MAGIX-Movie-Edit.png>; rel="canonical"
content-length
2594
expires
Thu, 31 Aug 2023 02:47:45 GMT
Adobe-Substance-3D-Designer-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2021/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2021/03/Adobe-Substance-3D-Designer-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2d0e45cfc96d36c09051dbfd5844f43f1cebb8e304d1256eea2b6169e06c7d74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 17:03:39 GMT
server
nginx
etag
"9f446d4fba87dc62"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/03/Adobe-Substance-3D-Designer-Logo.png>; rel="canonical"
content-length
3052
expires
Sat, 24 Jun 2023 05:03:39 GMT
photo-lab-pro-picture-editor-icon.png
i3.wp.com/filecr.com/wp-content/uploads/2020/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/04/photo-lab-pro-picture-editor-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c9a2201ad247bdf280490658cd2c8a09a592d774228e2e08012ae0107fa25671
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:58:44 GMT
server
nginx
etag
"ca4e369a8863fe52"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/photo-lab-pro-picture-editor-icon.png>; rel="canonical"
content-length
6194
expires
Fri, 31 Mar 2023 02:58:44 GMT
duolingo-apk-icon.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/duolingo-apk-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2cb5ef98ed9a3c63e2986c9c90f21c4ba8ba28396343626a26811fd9d3bf7e40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:55:29 GMT
server
nginx
etag
"1142883deb97f67c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/duolingo-apk-icon.png>; rel="canonical"
content-length
1628
expires
Fri, 31 Mar 2023 02:55:29 GMT
skyvpn-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2021/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2021/12/skyvpn-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ff24d2865523cddb14e5951ee2ffb2013f1940f053257f498c9a678307f4affb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Dec 2021 13:13:19 GMT
server
nginx
etag
"71b94936339f644c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/12/skyvpn-logo.png>; rel="canonical"
content-length
9984
expires
Mon, 25 Dec 2023 01:13:19 GMT
vivacut-pro-video-editor-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2020/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/12/vivacut-pro-video-editor-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cbfc2f90344566288e809878fdcfc19b3bf283b39ce34e511f42bd652a288207
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 13:35:35 GMT
server
nginx
etag
"b8532c01a5a13146"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/12/vivacut-pro-video-editor-logo.png>; rel="canonical"
content-length
9238
expires
Mon, 29 Jan 2024 01:35:35 GMT
proshot-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2020/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/12/proshot-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c5d775e76dcfe979d52eb0a5076b333164b58643a518d28512930babb0cd8c79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 16:25:23 GMT
server
nginx
etag
"6e99520cf29559f2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/12/proshot-logo.png>; rel="canonical"
content-length
2370
expires
Sat, 01 Apr 2023 04:25:23 GMT
toonapp-aI-cartoon-photo-editor-cartoon-yourself-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2021/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2021/01/toonapp-aI-cartoon-photo-editor-cartoon-yourself-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4598648ba4ac4f2c2ddb84c34ac3ad9b89a69ee8434482fb890e5a4ae5e6b94f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 01:45:08 GMT
server
nginx
etag
"27a77082e533d237"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/01/toonapp-aI-cartoon-photo-editor-cartoon-yourself-logo.png>; rel="canonical"
content-length
4290
expires
Sat, 01 Apr 2023 13:45:08 GMT
BeeTV-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/11/BeeTV-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
09a0fc459d402edeb42eaf038520e8add27e118f4a0d771b20d1d323cde5870e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:59:15 GMT
server
nginx
etag
"27d06a5fd6662ecf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/11/BeeTV-logo.png>; rel="canonical"
content-length
2198
expires
Fri, 31 Mar 2023 02:59:15 GMT
Drops-Language-Learning.png
i2.wp.com/filecr.com/wp-content/uploads/2021/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2021/01/Drops-Language-Learning.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
77f1415125c2b932c4b6b381ca599974b09c50dd1f16c99f3724d5025f5983d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 15:05:32 GMT
server
nginx
etag
"56c3e6411fa87137"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/01/Drops-Language-Learning.png>; rel="canonical"
content-length
4794
expires
Fri, 31 Mar 2023 03:05:32 GMT
Icon_Adobe-Illustrator-CC_free-download.png
i3.wp.com/filecr.com/wp-content/uploads/2018/11/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_Adobe-Illustrator-CC_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7cb6a375b59d0e9bf6a96c4bfae749601b421bd08a13097f211cf283033174ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:42 GMT
server
nginx
etag
"2e76d823d74442b4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_Adobe-Illustrator-CC_free-download.png>; rel="canonical"
content-length
1272
expires
Fri, 31 Mar 2023 01:04:42 GMT
Icon_Adobe-Premiere-Pro_Free-download.png
i0.wp.com/filecr.com/wp-content/uploads/2018/11/ 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_Adobe-Premiere-Pro_Free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
5baad9c4df7a71f3a4f2859c67594677b43dbf643471220ac90d4623d1839c30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:22:04 GMT
server
nginx
etag
"2a02aa6bb2904414"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_Adobe-Premiere-Pro_Free-download.png>; rel="canonical"
content-length
972
expires
Fri, 31 Mar 2023 01:22:04 GMT
Icon_4K-Stogram_download.png
i3.wp.com/filecr.com/wp-content/uploads/2018/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 16:25:23 GMT
server
nginx
etag
"7062f5e5d4dae892"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png>; rel="canonical"
content-length
3176
expires
Sat, 01 Apr 2023 04:25:23 GMT
SILKYPIX-Developer-Studio-Pro-9-for-MacOS-Free-Download.png
i0.wp.com/filecr.com/wp-content/uploads/2019/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2019/01/SILKYPIX-Developer-Studio-Pro-9-for-MacOS-Free-Download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
263b3f8f1b673c323831e1ca70265ece8fcfa1476825166b46e18324877eef26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 17:22:11 GMT
server
nginx
etag
"d39c58392d0551e5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/01/SILKYPIX-Developer-Studio-Pro-9-for-MacOS-Free-Download.png>; rel="canonical"
content-length
3578
expires
Sat, 01 Apr 2023 05:22:11 GMT
extension-feature-image.png
i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 11:51:17 GMT
server
nginx
etag
"d80f3bfe22caf697"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png>; rel="canonical"
content-length
10528
expires
Wed, 24 May 2023 23:51:17 GMT
script.js
filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.10.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4894
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 07 Jul 2021 11:56:39 GMT
server
cloudflare
etag
W/"60e59677-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tz8kvw9npqEJJp6kY3%2BZ3GIc05DrC%2FNpG61YNolHnzEmD5%2FEIc9b4ZbhG1jRklQwU0k5BFFITcBqqhGB6EvEi%2BPHq%2Bq2qr095XZaKpeAGRYwg%2BtuJnUOAIFpfDYgWctAbBxhdhrFVhRR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2962
cf-ray
6d71f4d0da433762-MXP
cf-bgj
minify
ads.js
filecr.com/wp-content/plugins/deblocker/js/ 		126 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/deblocker/js/ads.js?ver=3.1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2460
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 21 Mar 2021 11:33:20 GMT
server
cloudflare
etag
W/"33f-5be0a50e9c000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJj39PIDXz6%2BGNDGa4lOgDVcCRYgATk1rgONfXtH6IU4mfaRrEAIfDyz31YmWfvUV5hJqVuVqDStST4R4il9S%2Bz7hexRA3nwmPP6y%2BYozwyYu7rQdYJDBSacRtAPFabo7etIow4x8mIm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=831
cf-ray
6d71f4d0ea663762-MXP
cf-bgj
minify
advanced-ads-pro.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4894
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-1620"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYV88FzmWkytWM36v8XYj3g0%2Fleg7B%2Bbn4%2F2g4YIWKheoywIuNEKd7yHKSo%2BrszNt6FojtIJgdLMtLrEH6s1yQai4UZ7xDTAJy2t3B2jmvGUh2U5zdKXJ4RbIRSDRG7CwVbnHjc7KO5a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4d0ea743762-MXP
script.js
filecr.com/wp-content/themes/filecr/assets/js/ 		272 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/script.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2877
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-4d0f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2p%2B%2FTYUGMLH1afI6g3VZfdqQhlV1Oa%2B8VjJa6%2BQF%2F3GnaXbhhCJg1PyOvPEYEJ6SuwrfDnMWVA5pTQmj14Ksdk%2FT1BYH7TrItWjjDqvHhhop%2FsV5scCAJSYfhOlQVknrOcSZSu8PXOb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=315638
cf-ray
6d71f4d0ea793762-MXP
cf-bgj
minify
ratings.js
filecr.com/wp-content/themes/filecr/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ratings.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2234
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-f89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RIFm5jwj4MRMnznI92FCfu9zXMW%2BsT8u7Jc7q9ajWmRcOBePAz%2BfMZgrCJc3av46j%2Bm%2BtYNzf0MzzOhF5OrMHoextGqCZBtd2CYxdnnhw04F6jbR3QRCnfN89M2c3hm4cGI71h5zjJ1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=3977
cf-ray
6d71f4d0fa833762-MXP
cf-bgj
minify
confirm.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/confirm.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-842"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGyrd2yT6v2K4rt%2FxsVfczFLcIpq0TUNRZdeXDPeOn04YEq4stfiw9027WZa0xh2nQTr1lLxkDR8pNjIouRQ37MlMDeZIGVVfix0jrr%2FGTgGjXfJmskfAWRKhQJy9chzHsBtHO4%2FZDXa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2114
cf-ray
6d71f4d0fa853762-MXP
cf-bgj
minify
ext-notification.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext-notification.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4894
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-88e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tswAX0ZYjydDdAZTRJDjxtefRPaKKOoMeIr8BdHSu5U5DI1YxkghJ3BMtnLKdzV9dSx0TSJkLvOsA9qDKKohHFpRiVt%2BW8BU9eWuQLkHE7WQf0uyT%2B4RZsHl7QIZYYu5zsdhPCx9Ug%2Bd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2190
cf-ray
6d71f4d0fa8c3762-MXP
cf-bgj
minify
custom-front.js
filecr.com/wp-content/themes/filecr/assets/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/custom-front.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-47ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmdJReKBk58bzSBwOLLxDCUeKRIGACh%2FhDkSgVXi5Rj6UpRgfzf6Lo1Sc2VXCFDvvmfeJxJmmwhl1fma7VIFjSr1bZ6A7w01MYb5UrcHobIu2yHFx0cG5nKolqfXKIgH%2Bpbf6DnXiEhG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=18431
cf-ray
6d71f4d0fa933762-MXP
cf-bgj
minify
ext.js
filecr.com/wp-content/themes/filecr/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4894
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-36a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v%2BtfwBdCHWlUbWXB4lYkPNq%2FlWf6DZw0rk368Gw6QzPg3cJvhGBYWWZVBz0p1ijHXWnFGVjcx07kraai3DkQ%2F7zqYqtOuOyQSbIQZ8RtqvV88w1yRrs8ylbbuNZ3KByx4KWmIbNBI9G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=13986
cf-ray
6d71f4d0fa953762-MXP
cf-bgj
minify
base.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4894
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-11df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MBRUbz2Gx20ZLX7N%2Fam%2Ff3azCntpx9w4uOkkbQKiT0Vgx0zK9fEyTND%2Br2vaXcQ0Ft064GNKy0zrgnz3jbBCP4Z38LQPYKrsuE%2FokSzgsiDO4SsCADlD4kDnW1kXLdTPWiw77wPSeTt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4d0fa973762-MXP
wp-emoji-release.min.js
filecr.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6121
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQ0ANnY3Kv6zqQjMNmWlHh8XgxhjB79EwFmVfo995TZdXRL7bu6hnV2AR6imI78vxl3zo%2BtHxYZi5H7symwhig0y8dJVB9I%2FnKqwjCa9ysphz1Wge6Gsb8dGvTEzZXUfCMTHoT38Phwo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d71f4d0fa993762-MXP
filecr.js
cdn4.buysellads.net/pub/ 		561 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7d4ad92539f2a099abca34ad8928a78f9712111c9af57209bec5309b8196e721

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 19:43:25 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9JACPC2466Q5FBY5
etag
W/"f0505c10304480b0d08d9e4f6c81f53d"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
KHNVPxcglkoz27SH7wjuANjwMJmfGAO1QftEbMx7n81PEXXgh8NlsM5UscQlZ+/3LKX2UI7dd5w=
expires
Sat, 28 Jan 2023 08:12:45 GMT
Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
666620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30064
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-7570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mph11w%2BWWyTMK%2FMpdnTCuhWsVXnrsBzm6RHgdvOfHUu3DAJF0fgeUHEURnNlozVoMGx2IDQJg7wt8vAwgx8GiW96QUrkgTbVK8FNwQJcBMAqre0L2QQMIi%2BAxl9HXJcjpNN%2BSneDWiPGaCOFvqzqiqA"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d71f4d15a333751-MXP
expires
Mon, 23 Jan 2023 08:12:45 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
comm
webcrx.io/extension/ Frame E28F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webcrx.io/extension/comm
Requested by
Host: filecr.com
URL: https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tZ5ZvYQMsB3mTqKrXI3ELq%2F6ZRrd0rC1ykKd3hXUKXUmCqoyZYI2bAHsb%2F0fWuwZM4lMUkfRyEtrKqr7yw39ya6vcp4MpIOYcYeFwaWPQHUgJtafiJChAgjCcpJljqzejsKizv3Tmo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d71f4d4895ce8f3-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
334f989f9df4f0cef73ec0201b686924b283aedb65bd27b0f17366ef40c44b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52584
x-xss-protection
0
server
cafe
etag
13937357858607047356
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 08:12:46 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
447d6c7847ddce7d3017c148199f55e894b7f7ed6de3ace3e1167e3221dbddad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104643
x-xss-protection
0
server
cafe
etag
1490595983112021914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 08:12:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame 8440 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 01 Feb 2022 19:07:27 GMT
expires
Tue, 15 Feb 2022 19:07:27 GMT
cache-control
public, max-age=1209600
age
47119
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2272
date
Wed, 02 Feb 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 02 Feb 2022 09:34:54 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27277
x-xss-protection
0
server
sffe
etag
"1119 / 755 of 1000 / last-modified: 1643756703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 08:12:46 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=6.3773086201881535
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
6AEXBT1A4X63DTY2
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
CY6leJjrfZMMg99X5CnIUZXuuk65C5zcZ18y9Y1iVVKm0DRhICE/WnRxKzhjMmTCfh8ng0I8Vg4=
expires
Sat, 28 Jan 2023 08:12:46 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=6.3773086201881535
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
6AENM46D4XVDH4MG
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
wIjTUVZ4swpo7gtA14tNjSiEPdRdEGYrvgTcYBzelAH4AATr1zEMw4pvUANOerDDdnkqngAJ2qE=
expires
Sat, 28 Jan 2023 08:12:46 GMT
cookie.js
partner.googleadservices.com/gampad/ 		214 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=filecr.com&callback=_gfp_s_&client=ca-pub-3553508983172692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d97896ce5ba9b00fbed2f1270e9f93b81442bd6e5b9b27ddf64757a228a04b71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tn=DIV&id=site-alert&cls=alert%20fixed&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4AD1 		151 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1643789566&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565895&bpp=4&bdt=495&idt=295&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=758259895464&frm=20&pv=2&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4d08eff8cebfaaf8911199b01aaeef8ec356d00ab981abf9ef7576be8f78be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 08:12:46 GMT
server
cafe
content-length
43592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 08:12:46 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5656 		79 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06596d0531c207b45e37f007165756c672073c5d139b30848a83038aca587cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 08:12:46 GMT
server
cafe
content-length
29918
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 08:12:46 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 84AB 		70 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cce6d13c7703a2c6a7dfa38e0e9c75b1173fdf2bd5861a7b9e53de0963352005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 08:12:47 GMT
server
cafe
content-length
28714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 08:12:47 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1836597937&t=pageview&_s=1&dl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&ul=en-us&de=UTF-8&dt=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1123878828&gjid=1907391330&cid=1007613521.1643789566&tid=UA-139662474-1&_gid=137557480.1643789566&_r=1&gtm=2ou1v0&z=479455637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 07:53:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		45 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filecr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
92a4089b295e2ceeb353259d14564c07775fb24ebe753fa4185c6bf4f22394a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57
x-xss-protection
0
expires
Wed, 02 Feb 2022 08:12:46 GMT
localstore.js
script.4dex.io/ 		483 B
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580879
x-amz-request-id
txfd1c77a515734f94831ab-0061f15fee
x-amz-id-2
txfd1c77a515734f94831ab-0061f15fee
last-modified
Wed, 26 Jan 2022 14:43:29 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvnXDq3MLjEey%2B9nTKKeb0GmUle30z0l1PpzsAgCB8JQJpp%2BmNUZHK7O39IFdBzbD9DZYQ3KiOHGlrcYPmrr2s2tPAB7OKCta276BJvo3k3nCdDo%2F8v1XQZuSvyJVbUoRr8wyKkylk4zP58B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1643208209303360
cf-ray
6d71f4d84be70e2a-MXP
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280b04cd001d&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0cd647e5f70febaa00a3c6685031fd565accf42bc82671674aee7da7b0f7fe65

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8d7dca6a04e7336a202e053f268bf0d20a2ce60e469f711cc5251402b8ce65b9

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0678d1e0138574c8715d30fc23650f975ebfca658d96e823fe7ba98b89260d45

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280be73c001e&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f34c9159dc6d8ae6c0f2bf520b6902fe2f13d69fefe053af79e3831deb0795d2

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691a0017c7c2769342812c4ac0020&pos=8a969d17017c7c2764ee28140f1d001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b75a3a703d0964ad9460f6c1786bc2051ce16720cf50863a7e447357b4225f29

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3580b27fde6bb27b66b54da12e2a6a53b9e9595feeed3e486e8e67e84fab69df

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280c36f30017&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3827e07bf022182c8097779998334ef63d458607c46d0338bdba90eadd0a9f27

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
61d53933547a91091d128194c93c5f4bb564169651c0d8326e1af79242d9801e

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f9a4fa2f721430931f8d80ba2593b3beed04430ec92e3c8ee67f45652fb84690

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f07c9e46454d559912116f5f9934e494831d5a4f2694d9703cf270cf218f7a1c

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		613 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3e7c796234c56db38217d832af003c8aeed909713daa2e08b5dc773b7aab4d02
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 08:12:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a4fd51f4-57a6-47d0-8227-5a8911c3048b
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=19181973631
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&CanonicalUrl=https%3A%2F%2Ffilecr.com%2Fen%2F&PublisherDomain=https%3A%2F%2Ffilecr.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5d1b35bf56bf714015996b39ba3180384745be0c3ce192b10271e5c74e4cf666
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
53
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Wed, 02 Feb 2022 08:12:46 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Wed, 02 Feb 2022 08:12:46 GMT
access-control-allow-credentials
true
vary
Origin
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1643789566721&secure=true&version=9&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&measurable=true&bids[0][bidId]=381fc5074a22488&bids[0][config][property]=6115725d81c45d000f945f3e&bids[0][config][zone]=FileCR_S2S_Leaderboard_ROS_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=399ffac00f0e98a&bids[1][config][property]=6115725d81c45d000f945f3e&bids[1][config][zone]=FileCR_S2S_Sidebar_Right_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=600&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[2][bidId]=4095f3e82b98dea&bids[2][config][property]=6115725d81c45d000f945f3e&bids[2][config][zone]=FileCR_S2S_InContent_ROS_Pos1&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[3][bidId]=412716f25a3fbeb&bids[3][config][property]=6115725d81c45d000f945f3e&bids[3][config][zone]=FileCR_S2S_InContent_ROS_Pos2&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=424ea96ff89859e&bids[4][config][property]=6115725d81c45d000f945f3e&bids[4][config][zone]=FileCR_S2S_InContent_ROS_Pos3&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&property=6115725d81c45d000f945f3e&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
726f7fbad4b86267924b0ab710b8b0c27fe107ce395e85e97f06f71d0911ba75

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:47 GMT
x-powered-by
Express
etag
W/"38-zLpc6LUoY+XRLG7G4R9XHgDi2mA"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tk_flint=pbjs_lite_v4.43.0&x_source.tid=32f6bf74-53fe-4963-b64d-a282e8ddfce6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7557584373052448
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d3cb9b20fefb1543544dd2818d12b078a7e68e98c659b9b8aaa6f73d41c59d29

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tk_flint=pbjs_lite_v4.43.0&x_source.tid=73fc5fb6-dfd7-4570-8482-066048983ea4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3312533668632147
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2b15152787903e43768b0ae1484abaf315f56eae6097e5197d3c82815ac5217c

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tk_flint=pbjs_lite_v4.43.0&x_source.tid=082e2ec3-2168-4c48-b073-19ebaf7cc431&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3823814337803446
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
281a94665363187d46f9a3c597c5d9142d23a763600879f69da0bc1fe136cc75

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tk_flint=pbjs_lite_v4.43.0&x_source.tid=e2a2fcfc-db63-4314-beef-0e3569508032&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.029373669377777967
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
57f3f4a25dc1bd551540bbb5931767c61d9d93cd091b48ba7d6e4d3f2960f0ac

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tk_flint=pbjs_lite_v4.43.0&x_source.tid=a8bfd210-918e-4051-8a57-088408295d17&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.014361428933088671
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1e547999e3990ae359d4551fd9f8fe3ca991deca77a6e15f2fb22d55613e68ea

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://filecr.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		99 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcd5f143bee81e58c977eb6cb49872787b0e84be7c629f2faa00318096e2da8

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6d71f4d8aaf13762-MXP
pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
adreq
ads.servenobid.com/ 		645 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=555
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b3b3cf311d2b774d91ca43aa14f3b72a59c125b9896d6c395e29fd201aa971e4

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://filecr.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&tmax=900
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.232.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-232-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580869
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx986efc69e6ee4096a9fbd-0061f15ff5
x-amz-id-2
tx986efc69e6ee4096a9fbd-0061f15ff5
last-modified
Wed, 26 Jan 2022 14:43:28 GMT
server
cloudflare
etag
W/"88567a823cfd2840dd0a3198b929d466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuWYYRggBe2St3PfGs2mssoKQ%2FbK0bnKpny3v%2BPVGDVQ1GGk9Q012mS9vyaBLj5MyaE8EsGNVvaqRZQYF%2F3hwZPcaKPgftBojS1At83xElSTK%2FbzdJEZKitMqICvjKLw1nzPdzmsVTLpRDwL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1643208208262354
cf-ray
6d71f4d90a3d59f5-MXP
access-control-allow-headers
Authorization
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 		150 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4b6bd35c6db249a05cbbf81b7c98c2266db26580bb79d216529230c81086914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54793
x-xss-protection
0
server
cafe
etag
5239809838427442981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 08:12:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-3553508983172692&eid=42531398%2C44756431
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-3553508983172692&eid=42531398%2C44756431
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94814568576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/ Frame F66D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 01 Feb 2022 18:58:04 GMT
expires
Tue, 15 Feb 2022 18:58:04 GMT
cache-control
public, max-age=1209600
age
47682
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 5656 		6 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 06:20:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 08:12:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 08:12:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 5656 		1 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 08:07:35 GMT
css2
fonts.googleapis.com/ Frame F66D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 06:17:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 08:12:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 08:12:47 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F66D 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:44:28 GMT
x-content-type-options
nosniff
age
12499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Feb 2023 04:44:28 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F66D 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 05:40:38 GMT
x-content-type-options
nosniff
age
9129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Feb 2023 05:40:38 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame F66D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b93887e254ebeb4138023845a5b29a6fbae9293bdbdcbd2bfb772814c22d388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8049
x-xss-protection
0
server
cafe
etag
11932668728170215831
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 08:05:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 5656 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:41:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 5656 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:53:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5656 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 5656 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:27:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:27:49 GMT
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame 5656 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/141868892499039288/ Frame 5656 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/141868892499039288/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dde47b2a5ff36b2d29806489500677b63302923a620408f6c02010fce58c0f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 13:26:09 GMT
x-content-type-options
nosniff
age
326798
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18496
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 10:44:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Jan 2023 13:26:09 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5656 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZPeu_jz6YfGdELPm7_UP6MC9uASBy-y-ZvuPqruJDqfW_fGhERABINXClHVgleKQgqAHoAH6n6P-AsgBCakC8-fgQgnpsj6oAwHIA8sEqgTzAU_QgzU3FU65y7Ejy6q-0hbB_KTairKYz_Bzv1cSXOEw7v8dGs-VV4ucPgHFX5fvLFCxKWTbmNpGn1XdgJNdS5mxnwXU472b1OTAXr82yvIUcCve2DuJJ6NS7qet8-qJ82dyESSRlFvxKgdgA4rUql5ZmYmRce-FWYK__xZ-sUWxDMtsKHg3GRCP_Av8WBOsFG24UXa-gtbu876mMLE6VW9ky59T7mLJ9p7MsLFlrrpfjtBh2FD3nKQrmAMQZbPzz1DCKBxbXUcfIvmSGUwBh8OfcMtPngkDJBnziq288zFYUO2nhgnuMOAJ32abX-bYm117VcAEto3i1tIDkgUECAQYAZIFBAgFGASgBi6AB-7f3IEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1vxP0ggJCIDhgBAQARgfgAoByAsB2BMNiBQD0BUBgBcBshccChoIABIUcHViLTM1NTM1MDg5ODMxNzI2OTIYAA&sigh=2uZ36cdhEnc&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 02 Feb 2022 08:12:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 02 Feb 2022 08:12:47 GMT
css
fonts.googleapis.com/ Frame E20E 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 07:10:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 08:12:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 08:12:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame E20E 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame E20E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame E20E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E20E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame E20E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame E20E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		346 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1159067201189241&correlator=386774625481645&output=ldjh&impl=fifs&eid=31063377%2C31064671%2C44756431%2C44755509&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=8691100%2CFileCR_S2S_Leaderboard_ROS_ATF%2CFileCR_S2S_Sidebar_Right_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos2%2CFileCR_S2S_InContent_ROS_Pos3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C160x600%2C728x90%2C728x90%2C728x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508894724-7_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508935810-9_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629214863639-0_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215045012-3_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215230348-3_123456%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dfilecr&cookie=ID%3Dffff60a581cbbc00-22fff16a31cd00fb%3AT%3D1643789566%3ART%3D1643789566%3AS%3DALNI_MYFzYUqNCBJtf9XywaeNEJQ9zy4sg&bc=31&abxe=1&dt=1643789567102&lmt=1643789567&dlt=1643789565400&idt=1013&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1073%2C200%2C200%2C200&adys=3100%2C453%2C522%2C1540%2C2558&adks=1202396793%2C1436553605%2C1058625133%2C1413693914%2C3977682169&ucis=1%7C2%7C3%7C4%7C5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&vis=1&scr_x=0&scr_y=0&psz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&msz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=true&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C0%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e32974fcd4c3ac2034a4439d9a4f37cb6d6381b307d0819acaa84339f3df024c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42463
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 59E8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame A62B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 02 Feb 2022 08:03:04 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
13326819224319567301
tpc.googlesyndication.com/simgad/ Frame 84AB 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13326819224319567301?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn5FA2Tg1t27Ln-dbYQpJKXs_jIrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c8807633315d9a295a573917fcb99923c4f8d610982b060d383c3961bd63e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 22:07:27 GMT
x-content-type-options
nosniff
age
36320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30107
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 07:08:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Feb 2023 22:07:27 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 84AB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 84AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84AB 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 84AB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 84AB 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfaab13f143182d1440b669a897f1483fa62875630704be96b14470cb3f2fc83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11420
x-xss-protection
0
server
cafe
etag
10042690048157680901
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Feb 2022 18:30:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 84AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1Hoh_jz6YY_AEsqViQbmiabgBJS1uO5nu5_9vOsO5rejto0OEAEg1cKUdWCVkqCCsAegAbn6n9QDyAECqQJFocWuilejPqgDAcgDyQSqBP0BT9BfibeQh2Mhm0ZUm-xWy079A_9bx_OFCxFZpS4-yzydSPIUeWEcFQrKdZgH1nfJOUplhmBQS6NoC7kCB8oIeVOz8ZuQ1Z0CShEe8iKUpVfClMhOvZ7ngwjfTb4Qk_xH8sr5Xunii4od-2LAMc6Q15954Aq0n7G8kZizrjixoj6pXaIl8Y-uL-3idKJWkuvEz5Tu34FaKV9sT81MzliMRK9tj6qjNyxL2bmNrP0zrq7KxDv_G39va2XRyZ6dWCI8Ja2DA49SSsk_BEPXLcnBptvYIuOuJFIlKWxJGxOj31OiKB34HS9dm7ol_yJQTO93Vbzsz_snDdrVyKZUJsAEsKPhj_IDkgUECAQYAZIFBAgFGASgBgKAB6-F4CuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDC_hPSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1MzUwODk4MzE3MjY5MhgA&sigh=sSMoBzprvSo&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 02 Feb 2022 08:12:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame B410 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 02 Feb 2022 08:03:04 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame A62B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Feb 2022 08:12:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 08:12:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Feb 2022 08:12:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5656 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e152011239168ccd2d8364fb554ade893c560ae151b7098d1f2bf0d4cf65ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5656 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
43492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5656 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 11:22:37 GMT
x-content-type-options
nosniff
age
593410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 11:22:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5656 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
47578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
truncated
/ Frame 84AB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a90b2b863804617ca3845a143f20efe8e8ae6f0ff95f703ddf55edc2f9be405d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
pagead2.googlesyndication.com/bg/ Frame 40B6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3401160548&adf=2665387617&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565899&bpp=3&bdt=499&idt=328&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Bstn6MfJo9&p=https%3A//filecr.com&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 20:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
388404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 20:19:23 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B410
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Feb 2022 08:12:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 08:12:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Feb 2022 08:12:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
pagead2.googlesyndication.com/bg/ Frame 7432 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3056621011&adf=2367702040&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1643789566&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643789565902&bpp=2&bdt=502&idt=358&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=758259895464&frm=20&pv=1&ga_vid=1007613521.1643789566&ga_sid=1643789566&ga_hid=1836597937&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44756431&oid=2&pvsid=1159067201189241&pem=164&tmod=726903493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IIJuhF4C0k&p=https%3A//filecr.com&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 20:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
388404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 20:19:23 GMT
-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
pagead2.googlesyndication.com/bg/ Frame 3A12 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 20:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
388404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 20:19:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
402a9c97c55198d887e5a6ca49bbdb6a740f9f82508161d30693a28458b5baa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10104
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C936 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF00 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1ABA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C57A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 08:12:47 GMT
expires
Thu, 02 Feb 2023 08:12:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:55 GMT
server
nginx
etag
W/"61ee2acb-16429"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Feb 2022 08:12:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C936 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C936 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4sCl_zz6YYuOC42f7_UPqbCnmAjN3PeVaMnan_nVDr_oor3AARABIPzf6Blgleq3gsgHoAGo9qe7AsgBBqkCRLt5fKFJYz7gAgCoAwHIA5sEqgSQAk_QhedWJZmkf3Bc_fyVzE_bl_wI2pMGt4x_N0R-5CSWTPNTuxSinJE-MiENbnFuQCkGND03iCP61qwThTXwa3PWHAqFFchr1hcKYKQ3_hoXyeEdiihfZk4xQDlk2966Mc1F-RcTxP7TN7i5NnFiFEjvttg4U3SOndJ5-JEBGluUHAuQeRhCCfSluvXZxNVQ7iSShGGLT-qfOiccYy5Iyqn5aVXK_0ATFtdY_NYpBPOPmIb_-37Bu1gts8e-vBwRrMKTe-mh1PdRfL7AN7r4TeCD0_dTsJnTCXVH3UaVdatWTLjTG5jLcBgj6cwZx6zku2HKPBvkAq9nUS-lCD4n9IakGhnLBzfLtMzeQBsJzJt8wATd6LCq1wPgBAGSBQQIBBgBkgUECAUYBKAGN4AHwInYxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCCiAjSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=1AEuITiXc4s&uach_m=[UACH]&template_id=492
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame C936 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C936 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C936 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C936 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
l
www.google.com/ads/measurement/ Frame C936 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJKk3FqO8cAVcvBGjsf5XijESx3CdpEfuKvf1kCHoLWb0gl1o0qZRMMSHxhE2KC9T_tV6s-k1bmZACGdENMWSIjvncYg
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame C936 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 28F8 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 28F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Clj0q_zz6YY2OC42f7_UPqbCnmAjN3PeVaMnan_nVDr_oor3AARABIPzf6Blgleq3gsgHoAGo9qe7AsgBBqkCRLt5fKFJYz7gAgCoAwHIA5sEqgSSAk_QvGfcpSldO8a_pLm6wAT-gbwMZEU9S-l8ZfoKdVF4TfUBcU6JKVfesEYJDfUgn1sy3N8sEK8j1jjGEafnC-6PgR9gsO7grNCZKx0nt1PHMp6rXM6TrRkNDaWmd1ghiVe93hkfKe8jn0RD6H55C_RoMQvY8QNBKckMAI0c8VK_qbOiPBDzdwnl4kIGHcWobVjIO6JN1oSWEIqmpL_r_4uJV5lkX3odRwM9eczj-hJBcHnzQTm3pZc73wqoNFgPa3K-fPb7Z2LbbaXq2hMPECQDiybVy5BQV0kW18Q9jsoxOWlCRt3DrM1TH3By4tQHxPfDbjMJQgwWBG5lBEMpb0CnF_kqmxIRqpf9rFsiuHsjzz7ABN3osKrXA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfAidjEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEManBtIICQiA4YAQEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0GJyTDw&sigh=8KEtXv2Fi_A&uach_m=[UACH]&template_id=492
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 28F8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 28F8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 28F8 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 28F8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame 28F8 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame EF00 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EF00 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZiGN_zz6YYyOC42f7_UPqbCnmAjN3PeVaKLD3Pi5Dr_oor3AARABIPzf6Blgleq3gsgHoAGo9qe7AsgBBqkCRLt5fKFJYz7gAgCoAwHIA5sEqgSTAk_QFoBRJHOEoHgFTfScNwy05Em9BO77sdcXCmIftwtWKEm3IZXcKD1Cfls_eXBTtvfm62XYFBrCqz3fo2LBBGJlQAeyWBfuaoMnxfJh60sXO-9rhKU50aX-4Jy4oUPNYlBUv1OwiSjOjuZIyNttWpYcrTrt0_lf9QXNtAe7ClGshf3nIpj83DzZpem20glkBgtNs0rozdaTrUjRX_Jy0Wfy1pfbbJAtWuDZmlT3sW-3yEMoij8wkCYopxK2t-fcWDoMRwzQu8QZW-9iBxZ1zFfii_RwEpmnpyUPFipWYjj6qhugFFF9mHDGvT-vUBk38xViiDKX_ggeTOXAPqJ0suz0SWTpLF9GEEj_qqnrBzneLtI8wATd6LCq1wPgBAGSBQQIBBgBkgUECAUYBKAGN4AHwInYxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC9hgvSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=kQNIfkCCVM8&uach_m=[UACH]&template_id=492
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame EF00 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame EF00 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF00 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame EF00 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
l
www.google.com/ads/measurement/ Frame EF00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxIJdP2Trg-gH0IZJeFcRRIEOpTVO2fDXAU2KBdfwOsm2RKxabixAxMo5sjpV7VaVytIDqvt1Rz1Yq-7h93nnIFT5H-Q
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame EF00 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 1ABA 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1ABA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMO_b_zz6YY6OC42f7_UPqbCnmAjN3PeVaMnan_nVDr_oor3AARABIPzf6Blgleq3gsgHoAGo9qe7AsgBBqkCRLt5fKFJYz7gAgCoAwHIA5sEqgSSAk_QZdFNGb75r3To6YlKa8eKVXbn8WZalMILpL151ipo4MrC8EHEYhA_lla_FeQhEsdjbOzj1IWLHaZoLc-vcEsjUZBTYql7b-XtqqoA0Ppegwrcv7kZ7tlWSLQAMW9D-jEdLj4S9--aZqHiOisNntOr7-WVQUuzALKD55tsmrpR0Xa1bNI-RTjKTOfClheDfkKuf2kCJsCyVWNkMR4iPIbfdJEOcGFomj1E3Cmp5NV03Nva7r1khiY9zAoQ3QkIrcTC7lFOOL6knJ-zU0C8jb6sUEu9ztwyjNfl2ZjGqsAaHPZsNRE-aoHH3v4F58ih8okFcS-YjqRSy7152EXtYCTIuKeme87eEZTKVOb4mLs1SVfABN3osKrXA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfAidjEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELCZBdIICQiA4YAQEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0GJyTDw&sigh=-YvtoMaGJhk&uach_m=[UACH]&template_id=492
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 1ABA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 1ABA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1ABA 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 1ABA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame 1ABA 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C57A 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:59:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C57A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Czm5O_zz6YY-OC42f7_UPqbCnmAjN3PeVaMnan_nVDr_oor3AARABIPzf6Blgleq3gsgHoAGo9qe7AsgBBqkCRLt5fKFJYz7gAgCoAwHIA5sEqgSSAk_QfKCq4DFHxUAcYJsGuFEaoE-FyiSnm7oKHqv2u_2o0W6Aa6iSek4ckYj4tH8vT1ffz3AFdWjZL6daDv1VsNrgW9q-4DX0PUY-O_WzAv8NbgHqPamWCIMujblTjIxVcy1VJeqG4vjlteoyqgbU6sNjVIiVF85QMNmQjkkHQ-WYMwrWxfruMM0-kpdBkkMEz0HdYV1IwIqAYaIFwZwx8Wmn0kaEp7vKDU_w_I1Ud00TPHHp8QFXxx3_R4e6W3wdozv01sm50WPYpu92ySZoJRkJ5VTDpwn0RWpJvxiiUrlTL6yT1Gk1-9a9KLwzrfFCUPW1JBviuSTc3mf1mUlWCX5FQ7B1wbLjZIp3A6pZIrR6fn_ABN3osKrXA-AEAaAGN4AHwInYxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD_wgLSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=At94MinwQrk&uach_m=[UACH]&template_id=492
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame C57A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:23:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C57A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:13:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C57A 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 08:12:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame C57A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 07:17:39 GMT
4b5ee2b4ff5a9298bcc39e4df8189ef4.js
www.gstatic.com/mysidia/ Frame C57A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8429 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 07:44:49 GMT
expires
Thu, 02 Feb 2023 07:44:49 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C3B9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5c8e26a7aea0a408d2b06a82cece31a76e4587eed55b30b26317f1ec6ae633f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qz8iYNFtnkvRi7ZiaOJNDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Feb 2022 08:12:47 GMT
date
Wed, 02 Feb 2022 08:12:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Qz8iYNFtnkvRi7ZiaOJNDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
downsize_200k_v1
tpc.googlesyndication.com/simgad/5266067455586727316/ Frame C936 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5266067455586727316/downsize_200k_v1?w=600&h=314
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aba9678a510a72b24a0553b11f206321655b25d6de8baf4c5dae93035d733145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 14:20:10 GMT
x-content-type-options
nosniff
age
150757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26182
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 12:32:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 14:20:10 GMT
truncated
/ Frame C936 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/9499037784777956629/ Frame EF00 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9499037784777956629/downsize_200k_v1?w=300&h=300
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d16e7e65fe4a743f4e8e86b20f092816fe6649437f55433397fcf2b6d630c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 14:16:30 GMT
x-content-type-options
nosniff
age
323777
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14408
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 12:42:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Jan 2023 14:16:30 GMT
truncated
/ Frame EF00 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/5266067455586727316/ Frame 28F8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5266067455586727316/downsize_200k_v1?w=195&h=102
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a6b56c740c9210619e6a1b88659e673e3e11db64fc346aa167a8dd2b455dd76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:15:58 GMT
x-content-type-options
nosniff
age
129409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 12:32:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 20:15:58 GMT
truncated
/ Frame 28F8 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/5266067455586727316/ Frame 1ABA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5266067455586727316/downsize_200k_v1?w=195&h=102
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a6b56c740c9210619e6a1b88659e673e3e11db64fc346aa167a8dd2b455dd76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:15:58 GMT
x-content-type-options
nosniff
age
129409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 12:32:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 20:15:58 GMT
truncated
/ Frame 1ABA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/5266067455586727316/ Frame C57A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5266067455586727316/downsize_200k_v1?w=195&h=102
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a6b56c740c9210619e6a1b88659e673e3e11db64fc346aa167a8dd2b455dd76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:15:58 GMT
x-content-type-options
nosniff
age
129409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 12:32:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 20:15:58 GMT
truncated
/ Frame C57A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A9C3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
67595
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3CBB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
67595
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 79C5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
67595
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DAC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
67595
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 64CC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
67595
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C936 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8799bf72df2d045c2492bd5c324f0c7f69b45a942b7d466ad08c32177d7ac21f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame D7A2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2143
date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
5182
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:55 GMT
server
nginx
etag
W/"61ee2acb-16429"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Feb 2022 08:12:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C3B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220131&jk=1159067201189241&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oy4qkU_ISdGLrs4Dkiyjqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oy4qkU_ISdGLrs4Dkiyjqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKJk9ptXdU-3-P2C_Q190bUUk9qhYj5ZG2ROt2yGKB2WNJj-qEQTK_5SmAUWGEjlGhkHhSV0Ua-LnAtfTKMpCS2IR3-Fq0vhg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oy4qkU_ISdGLrs4Dkiyjqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKJk9ptXdU-3-P2C_Q190bUUk9qhYj5ZG2ROt2yGKB2WNJj-qEQTK_5SmAUWGEjlGhkHhSV0Ua-LnAtfTKMpCS2IR3-Fq0vhg
date
Wed, 02 Feb 2022 08:12:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbheFkwVpfHLuSXjHmm_Qkl36g3WzQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbheFkwVpfHLuSXjHmm_Qkl36g3WzQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLIrgLkiC4J3rnmrOKJGQ-U7eKCh4MnNuyVaO7V2SP7HZReDHnCPkVpmSkGGlC-0YlATbheFkwVpfHLuSXjHmm_Qkl36g3WzQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPI3oMTIYjCfg3Pc2E1YHpuP4-xzfGwrnXB6mudDTnVP_ZF93l2P6YPrLTw5KQ0N8z-O8Wwqm9z0gNN58YhGoNHSuSYN_G-5VQ
date
Wed, 02 Feb 2022 08:12:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephRdhcvqlZnlZ0CmJWVOFGqIv0Jie7IQwPN4N2rlfd2z-gNCoS5c0IHcZisAtH5nWEwxB...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephRdhcvqlZnlZ0CmJWVOFGqIv0Jie7IQwPN4N2rlfd2z-gNCoS5c0IHcZisAtH5nWEwxBUdzEA&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLyj8YjgtYLr9-FF-S9d_1ephRdhcvqlZnlZ0CmJWVOFGqIv0Jie7IQwPN4N2rlfd2z-gNCoS5c0IHcZisAtH5nWEwxBUdzEA&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 08:12:48 GMT
sync
ssbsync.smartadserver.com/api/ Frame A9C3 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUmCT_hUUd_o93GANsJ5CE&google_cver=1&google_push=AYg5qPLk19QgBurcqc40tu8yGD-zOEga-xMD8N_Jo3JGkcuI2Is21VnYThtMgDDUzff9M5geyaagtkxs9icJN6QutgIUZ5jKKuctzg
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiK...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiK...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtb...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPICz1AzpeCkuSWqgGCxXUf-VaFPUCfHTUpdovXazNUfJuqHtbiKwOb58K4Bs8xME5HlvYCTSmHyZwoDDHNlWJnm3Q6U3u6zrqs
date
Wed, 02 Feb 2022 08:12:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A9C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCx...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCx...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6Qq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCxdgqDEdKZvOjD3KgYEkBqxS3Wtqzso
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKmzoEfcmw0GrCIHmLNf4Acd_DTAeTPgOcblcyzuZ3Zx_qtIc6QqvAGVuBsK_NxpvgFCxdgqDEdKZvOjD3KgYEkBqxS3Wtqzso
date
Wed, 02 Feb 2022 08:12:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame A9C3 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFgmhMKWJMDvoxf57sBVu99Fl-HiRJwu3SGSWtlDwNcPiK3R8HRC_Gq3YaG8Ya62w0Op9f-1k
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gg_pixel
sync.adaptv.advertising.com/ Frame 3CBB 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEIzv2LLgPA1Jl_hElYyc6og&google_cver=1&google_push=AYg5qPI4mGgOauCncp2515KfghtXquZstF7RA8J2kVXWpYQ2WqcvHvlSAnmRKC7c3yONBXbWsWjDjxqMsn4ybFyYpXLsoelXOP-l
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.165.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-165-208.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
dds
rtb.openx.net/sync/ Frame 3CBB 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECErTVRXVJOemoveylIXHI4&google_cver=1&google_push=AYg5qPITKtZsEAvBTwwl2nG-bvTtiRf4eLi6oi0HU4U8SjbRfM1LzzHKYSMLoU-vP9XPz3eTBhNMjsTi5xMy2kch01DyAJqDq_c
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0n0g1pohb40a6tkb1vq2h66j2srrbojg
pixel
cm.g.doubleclick.net/ Frame 3CBB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwG7G0We5Z2DRd3P0XbBM1OF2IBuq-ZWZbyh2NE41g6ubxiiUZBB59OZAiHWChwhwqHw0bRlhP-ipt3a2iL9pBOJjqMXeH
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwG7G0We5Z2DRd3P0XbBM1OF2IBuq-ZWZbyh2NE41g6ubxiiUZBB59OZAiHWChwhwqHw0bRlhP-ipt3a2iL9pBOJjqMXeH
date
Wed, 02 Feb 2022 08:12:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3CBB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QO...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QOL3o7CFetGiFJRqo7Lr8eLD9PU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QOL3o7CFetGiFJRqo7Lr8eLD9PU
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPLJs2-ntlksih2FFpPszY3v-hBq2pnq5b6dXYQdgwNdY-8rMESS4a1B7_0ft2MYfZpP4QOL3o7CFetGiFJRqo7Lr8eLD9PU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3CBB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE86Bpm_oND52b27FelIwC0&google_cver=1&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE86Bpm_oND52b27FelIwC0&google_cver=1&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80&google_hm=43ca6a95119037558d0855c7
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80&google_hm=43ca6a95119037558d0855c7
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 02 Feb 2022 08:12:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL-j92QYRcc6pFwT2x3D80yVAv4yslGLRGH9tE5gnL1qDgjhBSojiYdKAUbT_2APbEBmIVxprdvipXoJmsHx1gQCEjEz80&google_hm=43ca6a95119037558d0855c7
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 3CBB
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96no...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96no...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIv43WCensaWe0Yyur8mjxU&google_cver=1&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlODVhZGFjYy04M2ZmLTExZWMtYTM0NS0wMjAzYTk3MWJkNGE%3D&google_push=AYg5qPJh1A7iFr_osqUFxuGR9RAb-DvdwPVoskqshrtLO4_ufeFQ96nohMmtnuYaIJr7WqQ5G6koIe81RmolpAB4PGgPj48smurDGQ
date
Wed, 02 Feb 2022 08:12:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3CBB
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEx_6BM1AM-0-27C-60CTyo&google_cver=1&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_RQ85aNFdgEVLxywPUcbRQkMN_8...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjUxYjZlNGYtYTc3YS00YTAxLTk2NjAtYmFhNjA2NGExOGQ3&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjUxYjZlNGYtYTc3YS00YTAxLTk2NjAtYmFhNjA2NGExOGQ3&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_RQ85aNFdgEVLxywPUcbRQkMN_8xFVtrNIf9xQsg
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjUxYjZlNGYtYTc3YS00YTAxLTk2NjAtYmFhNjA2NGExOGQ3&google_push=AYg5qPIiluajS9ozqApTIEFKI__R1kGEPV314ax_LTBxuW2Nh4gkZqIdQtV19G_RQ85aNFdgEVLxywPUcbRQkMN_8xFVtrNIf9xQsg
date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3CBB 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIARrXJxvE-3HAq_LzmLKpFNVKzX-sTWg6EvEJIq8sEBnLQfo8g2D2egmy6Rvd4XRNcG_fATI
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 79C5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIq2hRS-dMCwXWyoTC6ciOQ&google_cver=1&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag&google_hm=ODkyMjkzMjI0MTA5NTI4MTM3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag&google_hm=ODkyMjkzMjI0MTA5NTI4MTM3MQ%3D%3D
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Feb 2022 08:12:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ4T7XwDSVUprIlvinvvOLc_iuocerGkdiekXB2nprr8mF6XlyM56vJVcH60R607Yjkq1Go-2-AeG0G25r8izRfuejgag&google_hm=ODkyMjkzMjI0MTA5NTI4MTM3MQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 79C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SB...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SBMOsm7iPMf0aFxr4C_FOwRRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SBMOsm7iPMf0aFxr4C_FOwRRw
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPI9YqD3NXTSSmURGExuCyJ2PRIVXFfv367gKMqsjSuGZmpI_ox94_ZfYDrHlJDn9ccl6SBMOsm7iPMf0aFxr4C_FOwRRw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 79C5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe...
0
0
pixel
cm.g.doubleclick.net/ Frame 79C5
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA&google...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPId_l54lZ7HE-3dV92NJt5eMexR2UihKRddLfa4aHQmsz-X2sh0XIXrzTQgr445cZgqfk_zEc2n9UXvRrnJ6qHiURLLYA
date
Wed, 02 Feb 2022 08:12:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 79C5
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c3JGwV4YODv5i5nYfW9_91epDQfDZ4u7AfNhvckbynVEIHbCmGy7NOtV8Lx_lD1vKk
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c3JGwV4YODv5i5nYfW9_91epDQfDZ4u7AfNhvckbynVEIHbCmGy7NOtV8Lx_lD1vKk&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLWHW_Yhk6HyqOZh_V5d0KqD7c3JGwV4YODv5i5nYfW9_91epDQfDZ4u7AfNhvckbynVEIHbCmGy7NOtV8Lx_lD1vKk&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 08:12:48 GMT
sync
ssbsync.smartadserver.com/api/ Frame 79C5 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUmCT_hUUd_o93GANsJ5CE&google_cver=1&google_push=AYg5qPILGqUIZiZQre7-179bXxBSCHiJlYi_MoSXk8AJLUE9hIaFn_mzMuxDKzEXKG1K6BMEAbAvOnhmPAxPHCqLgIIqcJ-k7Q
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
/
onetag-sys.com/sync/i,19/ Frame 79C5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGNwe4bYjkr1PRvDIiI7y6U&google_cver=1&google_push=AYg5qPKOWgrjRRbr5rE3NfkcVub62m8ob0l-jCQ8pcz-hOnyiypzdsAT5d7b2JvkmikfkrgyBB5-fyb5fxo...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKOWgrjRRbr5rE3NfkcVub62m8ob0l-jCQ8pcz-hOnyiypzdsAT5d7b2JvkmikfkrgyBB5-fyb5fxo5bShM_G1ECceaUGk
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 79C5 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5DzyRzqE-eZvtQoY-m4vrGaeYeWDHRREg4LO0jX0tsyLY5Lc9iN7t3L1zb4BLtzRLspUUnQ
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJVNsVK_bu7P88mHr7zdoM&google_cver=1&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P-LhLYUOEAX-cTwrvQZKl2yaM9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P-LhLYUOEAX-cTwrvQZKl2yaM9
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD&google_push=AYg5qPKkWg2IIpPY-N1YrK7TwoytobptkBfBnPBcM1QHHb-U8Aju10dR7uAbu2BQifQZmRh8Z_P-LhLYUOEAX-cTwrvQZKl2yaM9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmi...
0
0
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEGNwe4bYjkr1PRvDIiI7y6U&google_cver=1&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
0
0
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDOujptoUQ9gP6ITHO5W21s&google_cver=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdCxy1jfUeHx2oXJmlU3gdjndqkmW3G9Z1_nWzzSJb2rQlcNgqXQVLNgFZPtlQmIPuuM9VE
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdCxy1jfUeHx2oXJmlU3gdjndqkmW3G9Z1_nWzzSJb2rQlcNgqXQVLNgFZPtlQmIPuuM9VE&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&mn_hm=Mjg2NzkxMTY4ODg4Mzk0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLaDxWLMjigApHCParUpYAdLdCxy1jfUeHx2oXJmlU3gdjndqkmW3G9Z1_nWzzSJb2rQlcNgqXQVLNgFZPtlQmIPuuM9VE&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 08:12:48 GMT
sync
ssbsync.smartadserver.com/api/ Frame 3DAC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUmCT_hUUd_o93GANsJ5CE&google_cver=1&google_push=AYg5qPIQVhft071gnQEx9lK0NlAGMUvDSxXwMTzIcn-qM2WD7HHwBw7im3YiGwk-zFgBn9orD5MrI4cla43DC7mHTxLr61H15T-0
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrC...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrC...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrCmMyZTLX-or63zypkOriMiWrTvF2Q
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPKqMjDzDri19wVrB52nV-y87wtf7WQqXeUhzNwGC-RJSKxnCQnFwtVz38kw8-7gGOUsrCmMyZTLX-or63zypkOriMiWrTvF2Q
date
Wed, 02 Feb 2022 08:12:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3DAC
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEx_6BM1AM-0-27C-60CTyo&google_cver=1&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1sKfrkiBxyJUvD9AsY-8a6_JWD5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDAxZDFkNGQtNTAwNi00ZjY2LWJiMWMtODU3NTBhODE2MjE0&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDAxZDFkNGQtNTAwNi00ZjY2LWJiMWMtODU3NTBhODE2MjE0&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1sKfrkiBxyJUvD9AsY-8a6_JWD5xnO0q1FLU59iA
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDAxZDFkNGQtNTAwNi00ZjY2LWJiMWMtODU3NTBhODE2MjE0&google_push=AYg5qPJP7sZNIdaN-ZlHQyuh1jZesYHXr3d6vjdEKg8lXF4oYXdHzNGn7e-QhA1sKfrkiBxyJUvD9AsY-8a6_JWD5xnO0q1FLU59iA
date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3DAC 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxCb_X50TgrQcEnaZMntC_3CuXaK3nbj-MzLWNYEZ2EVR1AXSHHDOF-Z5cN8bbYcR2e7HIAYw
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C57A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c9b0c3bfc9b8db0f38c20c7663ce76397979007a5f67d23f4982dc8118cd119

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EF00 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77a5fdc0f7915b51d7c0221c412b90387b4bccbeee874e34b4fa41bfb1e9ef43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 28F8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eed32c740668df9cf693ca264a5f7d856dde738afddc0dbd22b7dc9282ce43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1ABA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79df24155101e9c39dd756536cc80a66b7b2a3d77d3cf4321e790ff74617829f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 64CC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIq2hRS-dMCwXWyoTC6ciOQ&google_cver=1&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS9fUuF&google_hm=NDM4NTMzODE5MzQzNDU0OTgy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS9fUuF&google_hm=NDM4NTMzODE5MzQzNDU0OTgy
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Feb 2022 08:12:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI278y9vgRAQRgPaZrnDJPTvkYG3KEIrh0x99WV-5vAx5ZlgBsCjDrsn1KYzlKP6NiSkkzvJo4mBQiBS86Jn7unKTS9fUuF&google_hm=NDM4NTMzODE5MzQzNDU0OTgy
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame 64CC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECErTVRXVJOemoveylIXHI4&google_cver=1&google_push=AYg5qPLM8Gz389XqKjkh3zIz-eSoSYZBl1MdFMIA-EuDsh93COkxxcJ9nvHbqi8I6YSTgUU1T80vgYgSQgRt8ThCa0Hj4D-XFNk
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
vhhj4kooj4cm8huupq3qtjpm7e3ct5ll
pixel
cm.g.doubleclick.net/ Frame 64CC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwdgqfzCkjXyj6YyMbm6N31sikWwaPvKl2-FcxESDuLkwVFrm3S7AfcxS7WooohWC_PwBcalg9UItDka_hIaVkn9uE5Yg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwdgqfzCkjXyj6YyMbm6N31sikWwaPvKl2-FcxESDuLkwVFrm3S7AfcxS7WooohWC_PwBcalg9UItDka_hIaVkn9uE5Yg
date
Wed, 02 Feb 2022 08:12:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 64CC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEj...
0
0
pixel
cm.g.doubleclick.net/ Frame 64CC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFfZlaMdijSNH7hz72yKNcU&google_cver=1&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsceC4jf5cDVpbxkZ7XnOocDvP8URWJ_1bq7UH02
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsce...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsceC4jf5cDVpbxkZ7XnOocDvP8URWJ_1bq7UH02
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw&google_push=AYg5qPKcZBqM5fimQq3wWt1P4O-4t5sThkoSG_2_ne0NDw330lEDO-VbDO2ZQsceC4jf5cDVpbxkZ7XnOocDvP8URWJ_1bq7UH02
date
Wed, 02 Feb 2022 08:12:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 64CC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUmCT_hUUd_o93GANsJ5CE&google_cver=1&google_push=AYg5qPKIjdNMUZbugdjPmEZhGdcXKz3I_s9xl_IpcgHcVCI48EnQ7VJM7c4sCYFx8Jk0nj4Ftov7cbgvVUwgszKclzr16xBScW5C
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:47 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 64CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL2II7XwAanmczX0dOkWjsI&google_cver=1&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOUAxtODq5RaGy1I3HWc...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOUAxtODq5RaGy1I3HWculOqOEhLcrZgrirOU0PedjM0zECQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM3JjeTloRTJ1R2djbm5oaW4ycVI3ZGlsWDA0X0xkWn5B&google_push=AYg5qPK0JrKeOzwrJHI0tWiUrYOoYG1uGiGeoyuNTudX_vJvkaoP_SWOUAxtODq5RaGy1I3HWculOqOEhLcrZgrirOU0PedjM0zECQ
date
Wed, 02 Feb 2022 08:12:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 64CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzPyo1wXbGHHjQDvSBYhf5X8-daanKbu4JMAPCLThmx-JjCV15JqBjEV7d8ZUq80M6fB2Fbw
Requested by
Host: 70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
URL: https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
pagead2.googlesyndication.com/bg/ Frame 8429 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 20:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
388405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 20:19:23 GMT
sid
mug.criteo.com/ Frame D7A2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=2vFyA3wxR3pDdGdMNm90Y0xKQkVDWEpUcGZ3QzdYSDQ3QjlQL2NLZy80NEZoYWNZTzc1WFpiUXdqWTJOUGJXdzI1QmtwRUduN1o3SHpqei9BZm5vKzUxczUwdkUzWXgwOVZlZHVCOE92dG1TeDdDYkJKZ3A5R3BVdy9HYk...
439 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2vFyA3wxR3pDdGdMNm90Y0xKQkVDWEpUcGZ3QzdYSDQ3QjlQL2NLZy80NEZoYWNZTzc1WFpiUXdqWTJOUGJXdzI1QmtwRUduN1o3SHpqei9BZm5vKzUxczUwdkUzWXgwOVZlZHVCOE92dG1TeDdDYkJKZ3A5R3BVdy9HYkVXMnc2ODliandNMkNsZk94bmFiUWZxVGNheG9BZ3BGYmRmU0NmZVpaU3k4N0hZamo3amM3Qnp6ZGRJWWRiWC8zaCtkSEdjWTNDckhmLzZEdjVJVlpIZWVlMkJxekQzOHBUVU45UVRXa09vand4Tk1WK3FiYzRoV1YxNGN0QkZRYkdxZGdjcW5FbHRVb21SZk9RWnIzUnZYbFlaZW5sZz09fA&cppv=2
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fedc3713f146cc64540ddea48456d1d42e7e8207db60f0218ecea2a06abe44e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4164
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:47 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=2vFyA3wxR3pDdGdMNm90Y0xKQkVDWEpUcGZ3QzdYSDQ3QjlQL2NLZy80NEZoYWNZTzc1WFpiUXdqWTJOUGJXdzI1QmtwRUduN1o3SHpqei9BZm5vKzUxczUwdkUzWXgwOVZlZHVCOE92dG1TeDdDYkJKZ3A5R3BVdy9HYkVXMnc2ODliandNMkNsZk94bmFiUWZxVGNheG9BZ3BGYmRmU0NmZVpaU3k4N0hZamo3amM3Qnp6ZGRJWWRiWC8zaCtkSEdjWTNDckhmLzZEdjVJVlpIZWVlMkJxekQzOHBUVU45UVRXa09vand4Tk1WK3FiYzRoV1YxNGN0QkZRYkdxZGdjcW5FbHRVb21SZk9RWnIzUnZYbFlaZW5sZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2147
content-length
541
expires
0
generate_204
tpc.googlesyndication.com/ Frame 8429 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iEEv-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220131&jk=1159067201189241&bg=!BgWlBUHNAAYZkRhwGZE7ACkAdvg8Wh27gPK20l2BPLGt2R1QKOOUeCL2ZCyFYBaLZs1lIUdnLfC2MQIAAAB_UgAAAAJoAQcKALk5_ovTgRIZo23YJNpe3yBNSjiM69ZNigACdjhnN-8E_SH6DvkBSiro24XpPBQsiVj5M95UrL3vbN40PnZ3rpRtjY7U4_ZBZ19K6jV3aWxLtii8J3johmPYOiqR5NOTlLqtijyJTw7SQPpYBGPlrNYBje0InDIXThImr9bKLj6cskHXphLtnmEKPASAUi-5tol1FZpoCxqo6U1NUDvk94DkKFARju4zc2td7smrarMDX9v2UHCtooCwspkCrtGr4IIenEFj9UCAcIue3MPujpIz7xmk3yR8sRMc-unxUwiy3ONrEjdIO0fZ0B6b5cxebzO4tUiCztzxVk6EOwBAcuSBErJyuj7cgEBys5_oBFnehCsvDBvESDfFtylvEUzLcEeYUqMlI5eiXrGQzH-i5JACWUoLA1aVp_BLN1rkfJcUSKRV8WM9BnY72bvQn8yEGOU-IVd6Fjm6pUrq0-I6TtbiYEJJsIFHkWBZsRKVtD2iImshkKrb3OC4TRM5a8VC6VFUbZ_pe5VR8SBpz6UgXs4g45P5dn8iAELgcaouSsII6j7jO_AAlTssOf2VJGM3C4qyb2cqETjwFaklYt8bodsrr5kdwiUPYGq38gK35r9i4tx8kjFOJE1y41j100XJcK3KyrOPrIYjK3lrU7Ve2UzI5Y0rr9BLI_qzBfv86Hklcy5IvkO1mKnduQ1GywReaxwBr4mGda0OPizNFwvxEHCcjORQsUxBNip40GTgrWq_jHmTw7d5VKvgjM_kCVwx_R3Inp_rvm673IugrhJWMwuGK4pNjlSOPNApvE8hFLXeJMD0Ds3BEMYFjmeErYI4YZFBLCt1_c9IM5KvQLY3bkANn1kHIN1W3hYwnGrrSRFo9-kAc2xPCKvE-5vqu6MtchxXyOQBivmOymUuFCkIu0Y1_xbajeI3u9mhTcFg1kMXDvWIUQKf3Wqg7YMi2eMYOGIkCSqn3ie_G-sT4dOZ0JIoWvkVDXPOQJT-MXpw0TnPhMkVabH6NsABLMzGlYOGE0HzwFhUJqgIy8v2cZoezvt-FAOYWrk5S_5T2EKcgtRxQmvkNXiBrLFP55SXVY7tthvgdWv-WDXT-Twbprm0nsQNVS1ouWWhNvlUVIwNmoAYGHet1fbhb-AQmrcHiEXLyqxbrGRnjotlGgQ1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5656 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLQWkLAkbRucry9EyEL9UsXLO5p8ZN2y6imLRPzCLO8NM43TBku54mk16vMsImHVozxFdJQAp2tzSTWFVyzoNqzFoMHOdNWTk_WDIaDZvbohC3bLm1sw&sai=AMfl-YQM-F2SLspzcemmOtu6wPtBpdoIykwOcdil2FjcOfKNKkoBe0Lrgx5aD6PZVDXJ73qZjPOxs2vfq9_n&sig=Cg0ArKJSzJ5rCncVkBxpEAE&id=lidar2&mcvt=1000&p=0,0,280,1158&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3401160548&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643789566233&rpt=1055&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 28F8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugKkJnavKC37nTWWkRhBbcgzOif7kRK6h_cKziC32hiHQkHSVbYU8lsy_VfNIUeJKNfkj3m4SeNk1IB10snzYH1x0d4ZCPW5vV9QWivr5Ykgu0ZPZ2Hxgvfo2aDVvuFldr4OWlldUCVPkD&sai=AMfl-YTGmHZik45Oc-KuKjNkUC0VoDdc7CC1pvVKaCi69gFgFxofA9t_cYPvdpu75MvaN58ChlFvoZnHLz4IwTBZ2wWrz-keL-8-CR-7MqqKjMsGDXaOVakeUYYc_Uls&sig=Cg0ArKJSzCNnQbsKF8_DEAE&cid=CAASF-RoiBGZtdtuT1RGFLGeH0XVC4WbDeN1&id=lidar2&mcvt=1000&p=522,242,612,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1058625133&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643789567641&rpt=413&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EF00 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteLHtzpRP59GwqbfPNh_FimabMO0Gbpgw993T0K-KoODkmv-c3hSH_JMPVHtQbCbkcFkFv82s6VV-Pd-qPyoDCCEaXmRm2_Uqg8qCQUcxkWX_07RzJgcgTI9tO28EY_-OZTbqxBivx_QN9&sai=AMfl-YRvF44hGiooaWDBjREdDXPBT2i4Ew9NK9h5nrkA6-LTf0XUvhKNLx5o7gL24ofmOwVtzmB_KaDn4e8kEflwBW6ACzPbKrP9AUYJ8Y4X65VeDfULk6zZ7NXHeX6z&sig=Cg0ArKJSzAkWaV8ccp-xEAE&cid=CAASF-RoaBHrF3HPP14VnYAouo-TsXcgZqun&id=lidar2&mcvt=1003&p=453,1073,1053,1373&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1436553605&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643789567635&rpt=415&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 21E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Feb 2022 08:12:52 GMT
Date
Wed, 02 Feb 2022 08:12:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 056D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
99747dec5e7e5fb87eea9bd12c7ada11a0e864705927d4d87e71ffc3cb27647d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
text/html; charset=utf-8
content-length
459
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
/
onetag-sys.com/usync/ Frame F44D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1643789566781
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame F9F5 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
uquIWeLKm+eUzAv/YpULCWB8DU375J80JGDK1dWPRu+u66YB1W3GK4ivmmd0nE3Rr5vFtEnWcb8=
x-amz-request-id
WGPEE4CFT0MNNSKR
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0UAP6YQAAAABCYbjOiDZzSaZrJHhVth9wQU1TMDRFREdFMTgxMwA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0Aj36YQAAAAAFmUMF3CAlRb/o6Jx6qT1DRlJBRURHRTEwMTAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Wed, 02 Feb 2022 08:12:49 GMT
usync.html
eus.rubiconproject.com/ Frame 2E0E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 08:12:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame E34C 		233 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1643789400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
text/html; charset=utf-8
content-length
233
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"e9-GZ2E7tKvySh01E1LZd6JDT9X13Q"
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
generic
match.adsrvr.org/track/cmf/ Frame 056D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
eb2.3lift.com/ Frame 056D
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 056D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 056D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ0OTc4MTU4OTA0Njg3NDMyODUw
date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 056D 		0
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=344978158904687432850&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:49 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6A88976E93D648C9BFC7F77A0F368E06 Ref B: VIEEDGE1306 Ref C: 2022-02-02T08:12:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXXBJVrIgmBQzstxS6hdw==
xuid
eb2.3lift.com/ Frame 056D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/344978158904687432850?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bu1gQU9E2oQ2pp2EzgGYrJ_GWGDkjjuNaQpYRCveUw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bu1gQU9E2oQ2pp2EzgGYrJ_GWGDkjjuNaQpYRCveUw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bu1gQU9E2oQ2pp2EzgGYrJ_GWGDkjjuNaQpYRCveUw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 056D 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=344978158904687432850&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.84.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-84-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 056D 		42 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=344978158904687432850&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:49 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A648C51454546E4BC9A75FE006E52FF Ref B: FRAEDGE1210 Ref C: 2022-02-02T08:12:50Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 056D
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=344978158904687432850
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=344978158904687432850&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=344978158904687432850&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ANF0SS860FN7T2VRE7P4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=344978158904687432850&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 056D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 2E0E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38241
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:11 GMT
async_usersync
ib.adnxs.com/ Frame 21E8 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c3ffd572-b10c-4d3a-8a88-e5b83b7999ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 7087 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b3c7aaf1abc33a7fd03aeb9b3a211d0443d6f4bffd9b5747b2b2748c8722e5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"07bfcf0e50bdbf585a2e7819a37248e4e"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 3B89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Wed, 02 Feb 2022 08:12:49 GMT
/
onetag-sys.com/usync/ Frame A063 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 708C 		943 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8684b730e3fe0c0386e7a3ea27e9fc956ee97fe9503bcfa547dd4bba4ceadf32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Wed, 02 Feb 2022 08:12:49 GMT
content-type
text/html
content-length
943
usermatch
ssum-sec.casalemedia.com/ Frame F176 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8d848247c8706e5b7ccdc659f4be62bfcce1447d34d87b2200b2a5d106b6ccc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|111|152|176|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 02 Feb 2022 08:12:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Content-Length
1536
Connection
keep-alive
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7369271105066138859
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7369271105066138859
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
34059a6a-b9f9-4980-b058-e3fc796cf416
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7369271105066138859
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=43ca6a95119037558d0855c7
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=43ca6a95119037558d0855c7
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=43ca6a95119037558d0855c7
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643789570264
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=824521097
  • https://sync.1rx.io/usersync/tradedesk/3cd50a9e-3724-4b5e-85c0-16da0597e344
  • https://sync.targeting.unrulymedia.com/csync/RX-41df737c-f8fc-4082-a490-a34f5019f694-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-41df737c-f8fc-4082-a490-a34f5019f694-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
date
Wed, 02 Feb 2022 08:12:50 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41df737cf8fc4082a490a34f5019f694003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame F9F5 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.253.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-253-249.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588519407665678
0
0
usa
sync.go.sonobi.com/ Frame F9F5 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=f5d5c7eb-9888-43e3-ab91-7a63b9734687&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=f5d5c7eb-9888-43e3-ab91-7a63b9734687&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=f5d5c7eb-9888-43e3-ab91-7a63b9734687&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F9F5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-8QjVchBE2uHpqfl4gD6Bfz4SghtcDqgmXCGqB.c-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-8QjVchBE2uHpqfl4gD6Bfz4SghtcDqgmXCGqB.c-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-8QjVchBE2uHpqfl4gD6Bfz4SghtcDqgmXCGqB.c-~A
date
Wed, 02 Feb 2022 08:12:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
fltiu.js
pixel.yabidos.com/ Frame E34C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 16:06:54 GMT
server
cloudflare
age
1107
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d71f4ee0cb99156-FRA
content-length
1168
expires
Wed, 02 Feb 2022 10:12:50 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame E34C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=3cd50a9e-3724-4b5e-85c0-16da0597e344
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=3cd50a9e-3724-4b5e-85c0-16da0597e344
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Protocol
H2
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=3cd50a9e-3724-4b5e-85c0-16da0597e344
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
sync
ads.servenobid.com/ Frame 708C 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=108465542461246711&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 708C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329561fa-3d02-4400-90f5-5ff0e1d4ba61&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329561fa-3d02-4400-90f5-5ff0e1d4ba61&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:49 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329561fa-3d02-4400-90f5-5ff0e1d4ba61&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 08:12:49 GMT
pixel
cm.g.doubleclick.net/ Frame 708C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTA4NDY1NTQyNDYxMjQ2NzEx&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTA4NDY1NTQyNDYxMjQ2NzEx&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTA4NDY1NTQyNDYxMjQ2NzEx&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 02 Feb 2022 08:12:49 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
b1sync.zemanta.com/usersync/smart/ Frame 708C 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
/
s.ad.smaato.net/c/ Frame 708C 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
5XqXyFfOF0O7-CIvXymCUqkVQVNK83ktFfyjSadyynUqQg8Yxf3Nug==
x-cache
FunctionGeneratedResponse from cloudfront
pixel
cm.g.doubleclick.net/ Frame F176 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F176 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F176
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T3QFBWPRY8S6F37JJJSC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RKEED6XF26PPXY9YDKQQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F176
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yfo9ALx4MYZX5dh2.bIupgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmVifWGF_2-wWJR7x4-Ej0&google_cver=1&gdpr=1&google_hm=2
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmVifWGF_2-wWJR7x4-Ej0&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 08:12:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmVifWGF_2-wWJR7x4-Ej0&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame F176 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame F176
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=df713142-2849-4035-8aed-2bbfb371833c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=df713142-2849-4035-8aed-2bbfb371833c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 08:12:50 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=df713142-2849-4035-8aed-2bbfb371833c
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
113
match.deepintent.com/usersync/ Frame F176 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:49 GMT
content-length
0
server
c
cookiesync
bttrack.com/pixel/ Frame F176 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
ads.servenobid.com/ Frame F176 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
v1
ads.yahoo.com/cms/ Frame 2E0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ59V79A-D-CT7C&sigv=1&esig=2~91e93b279639e799b08b84354a993dd4594ac59a
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ59V79A-D-CT7C&sigv=1&esig=2~91e93b279639e799b08b84354a993dd4594ac59a
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ59V79A-D-CT7C&sigv=1&esig=2~91e93b279639e799b08b84354a993dd4594ac59a
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2E0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o1OVY3OUEtRC1DVDdD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2E0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Yfo9AgADGQhXmwAy
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfo9AgADGQhXmwAy&_test=Yfo9AgADGQhXmwAy
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfo9AgADGQhXmwAy&_test=Yfo9AgADGQhXmwAy
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643789570.390823,VS0,VE0
x-served-by
cache-hhn4022-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfo9AgADGQhXmwAy&_test=Yfo9AgADGQhXmwAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2E0E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c60961fa-3d01-4500-bdb4-1520fcf11d1a
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 08:12:49 GMT
709414.gif
id.rlcdn.com/ Frame 2E0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame 2E0E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 2E0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELFgSsOsxUVnsta0p6clNgk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELFgSsOsxUVnsta0p6clNgk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELFgSsOsxUVnsta0p6clNgk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk1ZTg0YzViNGFlNjA1NmNiNjkyYTU5MjVjM2Y0ZTUxMTkzODQyNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk1ZTg0YzViNGFlNjA1NmNiNjkyYTU5MjVjM2Y0ZTUxMTkzODQyNg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk1ZTg0YzViNGFlNjA1NmNiNjkyYTU5MjVjM2Y0ZTUxMTkzODQyNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
flimpobj.js
pixel.yabidos.com/ Frame E34C 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1643789570262&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=a988b6qgs9fp&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 16:06:54 GMT
server
cloudflare
age
1110
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d71f4ee2d2b9156-FRA
content-length
24217
expires
Wed, 02 Feb 2022 10:12:50 GMT
vbl.gif
pre.glotgrx.com/ Frame E34C 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1643789570356&rnd=a988b6qgs9fp&ifm=1&uai=1&cid=1041&s=filecr.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 16:06:46 GMT
server
cloudflare
age
1490
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d71f4ef299b83a3-MXP
content-length
26
expires
Wed, 02 Feb 2022 10:12:50 GMT
nflrc.gif
pre.glotgrx.com/ Frame E34C 		26 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1643789570333997&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=filecr.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=a988b6qgs9fp&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=23&icp=https%253A//filecr.com/&irfl=23&irf=https%253A//filecr.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-10-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=33
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1643789567084&secure=true&version=9&uuid=25041520-2926-4ecb-b8fe-b84fc7d1fcdf&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94814568576
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 16:06:46 GMT
server
cloudflare
age
4952
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6d71f4ef299f83a3-MXP
content-length
26
expires
Wed, 02 Feb 2022 10:12:50 GMT
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7369271105066138859
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7369271105066138859
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
487e8f62-c0cd-4776-a726-ed8d87e40eaa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7369271105066138859
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8759b905-a7a2-5321-8dbb-dac6ec41e7c4&ssp=gumgum2&expires=30&user_group=1
  • https://rtb.gumgum.com/usersync?b=bsw&i=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
Date
Wed, 02 Feb 2022 08:12:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 7087
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28y7YaRo_MSu89RprmB1YLvOFvEr1y5FxIhsC67ccV17ZgGLwhjVJZnZtfrar5azts%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1136b25b-a415-44db-8c61-528fbefa6fbb&obuid=ENC(y7YaRo_MSu89RprmB1YLvOFvEr1y5FxIhsC67ccV17ZgGLwhjVJZnZtfrar5azts)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7060022444665469082
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7060022444665469082
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 08:12:51 GMT
Cache-Control
no-cache
X-TraceId
628833d7bb57481109408585ef7499e2
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7060022444665469082
Date
Wed, 02 Feb 2022 08:12:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=892343b6-1827-493c-a3ec-22c4b49f3efb
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=892343b6-1827-493c-a3ec-22c4b49f3efb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=892343b6-1827-493c-a3ec-22c4b49f3efb
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-12853e9d-a79d-49e6-6e61-64510a2cb84d$ip$217.64.151.7
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-12853e9d-a79d-49e6-6e61-64510a2cb84d$ip$217.64.151.7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-12853e9d-a79d-49e6-6e61-64510a2cb84d$ip$217.64.151.7
Date
Wed, 02 Feb 2022 08:12:50 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-T8VOUNNE2pf5kJZxcJsU65PcQcXZIsfAK6Ot~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-T8VOUNNE2pf5kJZxcJsU65PcQcXZIsfAK6Ot~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-T8VOUNNE2pf5kJZxcJsU65PcQcXZIsfAK6Ot~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=e9fe0358-83ff-11ec-8a96-67f41156c3d5
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=e9fe0358-83ff-11ec-8a96-67f41156c3d5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=e9fe0358-83ff-11ec-8a96-67f41156c3d5
Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
e9fe0359-83ff-11ec-8a96-67f41156c3d5
services
sync.technoratimedia.com/ Frame 7087 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
374307070
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7087 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1136b25b-a415-44db-8c61-528fbefa6fbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=tDqj8K_Q30b0His--dfF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25CEOFVDQS27KEZTAYRQJBUXGLJNMRTEMJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=tDqj8K_Q30b0His--dfF&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=tDqj8K_Q30b0His--dfF&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=tDqj8K_Q30b0His--dfF&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=ee4f2a14-18b5-4243-ba0b-d0de3e01409e
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=ee4f2a14-18b5-4243-ba0b-d0de3e01409e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=ee4f2a14-18b5-4243-ba0b-d0de3e01409e
date
Wed, 02 Feb 2022 08:12:50 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41df737c-f8fc-4082-a490-a34f5019f694-003&rndcb=2882804805
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e&google_hm=MTNkY2YzYmYtMGY1My00MmZmLTg2ODktZWEzMDFmY2Y1...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBTNh42A8mE40O1w6Xfkm-E&google_cver=1&ssp=adconductor&bsw_param=13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
  • https://sync.1rx.io/usersync/bidswitch/13dcf3bf-0f53-42ff-8689-ea301fcf5b8e?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-41df737c-f8fc-4082-a490-a34f5019f694-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-41df737c-f8fc-4082-a490-a34f5019f694-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-41df737c-f8fc-4082-a490-a34f5019f694-003
date
Wed, 02 Feb 2022 08:12:50 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41df737cf8fc4082a490a34f5019f694003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 7087
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=sTLI5anQJ8oT&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=sTLI5anQJ8oT&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=sTLI5anQJ8oT&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-67774fc8c-hjnrz
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 7087 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-length
0
sync
ads.servenobid.com/ Frame 7087 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_1136b25b-a415-44db-8c61-528fbefa6fbb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame CD6A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Expires
Wed, 02 Feb 2022 08:12:49 GMT
usersync
rtb.gumgum.com/ Frame 0F3B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=Yfo9AgADGQhXmwAy&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=Yfo9AgADGQhXmwAy&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=Yfo9AgADGQhXmwAy&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 varnish
x-served-by
cache-hhn4022-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643789570.392767,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7568 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMTM2YjI1Yi1hNDE1LTQ0ZGItOGM2MS01MjhmYmVmYTZmYmI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Wed, 02 Feb 2022 08:12:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 11FC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=80919
expires
Thu, 03 Feb 2022 06:41:29 GMT
date
Wed, 02 Feb 2022 08:12:50 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 39B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 02 Feb 2022 08:12:50 GMT
usersync
rtb.gumgum.com/ Frame 903F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=3cd50a9e-3724-4b5e-85c0-16da0597e344&t=1646381570
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=3cd50a9e-3724-4b5e-85c0-16da0597e344&t=1646381570
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=3cd50a9e-3724-4b5e-85c0-16da0597e344&t=1646381570
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 0450
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 08:12:50 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Wed, 02 Feb 2022 08:12:50 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 8934 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Wed, 02 Feb 2022 08:12:49 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 546A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Yfo9A8Co5s4AAN8eEikAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Yfo9A8Co5s4AAN8eEikAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 02 Feb 2022 08:12:51 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 02 Feb 2022 08:12:51 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Yfo9A8Co5s4AAN8eEikAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
53
X-SO-HostName
a-ad40051.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Yfo9A8Co5s4AAN8eEikAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40051"}
X-SO-Key
Yfo9A8Co5s4AAN8eEikAAAAA
X-SO-IP
217.64.151.7
X-SO-Cluster-ID
0
X-SO-Upstream-ID
a-ad40051
usersync
rtb.gumgum.com/ Frame E87F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=j25hmhbmPeb0o4N6N142&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=j25hmhbmPeb0o4N6N142&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT Wed, 02 Feb 2022 08:12:50 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=j25hmhbmPeb0o4N6N142&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 0450 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38241
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 11FC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6705878&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b32b49a652cf4891a34f3f83a869583c7c2f680fa66289ec3729a178eddb963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel.rubiconproject.com/exchange/ Frame 0450 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KZ59V79A-D-CT7C
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 8284
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame AFBF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1534326959032289301
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1534326959032289301
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug015:0:398
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1534326959032289301
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 98CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug008:0:534
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&gdpr=0&gdpr_consent=
Expires
Wed, 02 Feb 2022 08:12:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B0A3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug027:0:653
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 02 Feb 2022 08:12:50 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Wed, 02 Feb 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1554059
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame F2B1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7060022444665469082
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7060022444665469082
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug006:0:498
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Feb 2022 08:12:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7060022444665469082
usersync
rtb.gumgum.com/ Frame 9E63 		35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.252.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-252-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 11FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t0sVGeuyTdGhmCwkntCz7w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80919
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 03 Feb 2022 06:41:29 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c60961fa-3d01-4500-bdb4-1520fcf11d1a
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Feb 2022 08:12:50 GMT
Server
MT3 4133 baa842e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c60961fa-3d01-4500-bdb4-1520fcf11d1a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 08:12:49 GMT
mw
mwzeom.zeotap.com/ Frame 11FC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3bf965d7c8087c4e3a2d927f57263335
  • https://spl.zeotap.com/?zdid=1332&zcluid=b64d1c5df1a2071b
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-46331247bc21&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPmQwKvakFEwBZrsjt03GeI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-463...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEPmQwKvakFEwBZrsjt03GeI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-46331247bc21&zcluid=b64d1c5df1a2071b&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d71f4f1e87f83b8-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEPmQwKvakFEwBZrsjt03GeI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d8f82600-f1b4-4f92-5362-0b2628d47b2b&reqId=06863c2a-ad54-426b-5958-46331247bc21&zcluid=b64d1c5df1a2071b&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qjc0QjE1MTktRUJCMi00REQxLUExOTgtMkMyNDlFRDBCM0VG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:885
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJWDI402EzKt4ctg-s6L9Uc&google_cver=1
42 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJWDI402EzKt4ctg-s6L9Uc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug030:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJWDI402EzKt4ctg-s6L9Uc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 11FC 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Feb 2022 08:12:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1434781866090427069
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1434781866090427069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1434781866090427069
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cd50a9e-3724-4b5e-85c0-16da0597e344
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cd50a9e-3724-4b5e-85c0-16da0597e344
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:538
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 08:12:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cd50a9e-3724-4b5e-85c0-16da0597e344
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 11FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7369271105066138859&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7369271105066138859&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:12:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug029:0:516
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:50 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
531169c3-4121-4420-be27-8a497471abeb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7369271105066138859&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 21E8 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 08:12:51 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1aa38926-4ae2-4ae1-9033-09847dbc6850
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=324&uid=5144588519407665678

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| cppVars undefined| $ function| jQuery object| advads_options object| advads number| advadsCfpExpHours number| advadsCfpClickLimit number| advadsCfpBan string| advadsCfpPath string| advadsCfpDomain object| advadsCfpQueue function| advadsCfpAd object| _mNHandle string| medianet_versionId string| medianet_chnm object| medianet_misc function| gtag object| dataLayer object| adsbygoogle function| advanced_ads_check_adblocker object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| __SVG_SPRITE__ object| ratingPlugin object| Confirm object| notification object| ShPublic function| updateQueryStringParameter function| setCookie function| onlyUnique object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| advads_admin_bar_items object| advads_has_ads object| QrqsNoTjE29e function| _0xe10c object| twemoji object| wp object| advadsProCfp object| google_tag_manager object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| hbCMBidxc function| _cR function| _cD object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| bsagpt object| bsaheaderbid function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| Criteo object| google_llp object| sas object| apntag object| _ADAGIO string| mantis_uuid object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_js_items object| GoogleGcLKhOms object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_118 object| Criteo_prebid_118

107 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQrqD5y-svCgoI4gEQrqD5y-svCgoI5gEQrqD5y-svCgoIhwIQrqD5y-svCgkICRCuoPnL6y8KCQg6EK6g-cvrLwoJCAsQrqD5y-svCgoIjAIQrqD5y-svCgoIngIQrqD5y-svCgkIXxCuoPnL6y8=
.mrtnsvr.com/sync Name: userId
Value: 7DLYbC5fM
filecr.com/ Name: PHPSESSID
Value: grv9p0s7g4aqep9dphvvpubeq5
filecr.com/ Name: advanced_ads_browser_width
Value: 1600
.filecr.com/ Name: _ga
Value: GA1.2.1007613521.1643789566
.filecr.com/ Name: _gid
Value: GA1.2.137557480.1643789566
.filecr.com/ Name: _gat_gtag_UA_139662474_1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYASABKAEw_vnojwY4AUABSAEQ_vnojwYYAA..
.adnxs.com/ Name: uuid2
Value: 7369271105066138859
.rubiconproject.com/ Name: khaos
Value: KZ59V79A-D-CT7C
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqfYaJg+W1c0Dpcd3HBZZ775PzI6EyVJjlVAthPpLFZy3T7cLh+zK0xTLQpDmHaqIlo2B05UvZjL5aXonjhrrvlsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUmviax9uxWruBYpvy5Z3OTGIeR5nSOIP81DJwSuWXaij4QLIWuFClZD57vL-nM
.doubleclick.net/ Name: DSID
Value: NO_DATA
.filecr.com/ Name: __gads
Value: ID=ffff60a581cbbc00:T=1643789566:S=ALNI_MbFZNCrdsyJHULMtrbs-y96XLcFng
.criteo.com/ Name: uid
Value: a554e594-0012-409e-9059-2ccd98a88255
.3lift.com/ Name: tluid
Value: 344978158904687432850
.advertising.com/ Name: APID
Value: UPe85adacc-83ff-11ec-a345-0203a971bd4a
.sharethrough.com/ Name: stx_user_id
Value: d01d1d4d-5006-4f66-bb1c-85750a816214
.lijit.com/ Name: ljt_reader
Value: 43ca6a95119037558d0855c7
.casalemedia.com/ Name: CMPS
Value: 5201
.yahoo.com/ Name: A3
Value: d=AQABBP88-mECEPclNppLX5jVz536GPDGwvIFEgEBAQGO-2EEYgAAAAAA_eMAAA&S=AQAAAkmjB1ZScdVZewQ7J3jjhFk
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B74B1519-EBB2-4DD1-A198-2C249ED0B3EF
.media.net/ Name: data-g
Value: CAESEDOujptoUQ9gP6ITHO5W21s~~3
.casalemedia.com/ Name: CMID
Value: Yfo9ALx4MYZX5dh2.bIupgAA
.casalemedia.com/ Name: CMPRO
Value: 1142
.filecr.com/ Name: cto_bundle
Value: IoUR519ybndrV3hRb0xqU1hIazRsMDIlMkJXNGJOM3pLUHdIanYyT0V0Uk41NGptQmJYNXYlMkJkSVZtS21sR3VGNjFKOWElMkJsNGE0UjdOaHBsOGx4bUdCdlN3VUJZSUJZN2hwaXpVU3pQb0xSZUZPa01Pd3g1clpyc1NXOXJIVkxEcUY3YW9CaiUyRjJYTWFSVlg2czAlMkIwVUhnZSUyQlBrJTJCUSUzRCUzRA
.media.net/ Name: visitor-id
Value: 2867911688883942000V10
.bing.com/ Name: MUID
Value: 23FC35678F636074225124588EB16127
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2308:18wq~2308:196n~2308"
.smartadserver.com/ Name: pid
Value: 108465542461246711
.casalemedia.com/ Name: CMST
Value: Yfo9AGH6PQIA
.adsrvr.org/ Name: TDID
Value: 3cd50a9e-3724-4b5e-85c0-16da0597e344
.servenobid.com/ Name: pid_337
Value: y-8QjVchBE2uHpqfl4gD6Bfz4SghtcDqgmXCGqB.c-~A
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_317
Value: 108465542461246711
.servenobid.com/ Name: pid_333
Value: Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDQxMDczMzUztxDiM9TNyHFNTvdLjTLJ8jEFACxf9qUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmJsbmFpam5gZGEGAHW7SlEQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDQxMDczMzUztxDiM9TNyHFNTvdLjTLJ8jGV4jU0MzE2t7A0NTcwsjAFAATclG80AAAA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3469adcc-fa4a-47a5-8664-a0446d31f738"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDM3ODk1NzA7MjswMjGYJbqYbHudP1JUQIu7KgYPfmSdeyDil9yljxr6i6Etng==
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1643789570:t=1643875970:v=2:sig=AQEidJMtNBXblV5bz-LU7WH3GJX4vSN8"
.mathtag.com/ Name: uuid
Value: c60961fa-3d01-4500-bdb4-1520fcf11d1a
.servenobid.com/ Name: pid_310
Value: 43ca6a95119037558d0855c7
.gumgum.com/ Name: vst
Value: e_1136b25b-a415-44db-8c61-528fbefa6fbb
.servenobid.com/ Name: pid_312
Value: 7369271105066138859
.smartadserver.com/ Name: csync
Value: 25:329561fa-3d02-4400-90f5-5ff0e1d4ba61
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yfo9AgADGQhXmwAy
.bidswitch.net/ Name: tuuid
Value: 13dcf3bf-0f53-42ff-8689-ea301fcf5b8e
.bidswitch.net/ Name: c
Value: 1643789570
.bidswitch.net/ Name: tuuid_lu
Value: 1643789570
.servenobid.com/ Name: pid_309
Value: e_1136b25b-a415-44db-8c61-528fbefa6fbb
.openx.net/ Name: i
Value: adb2d89f-99b5-4e9d-9e41-fac118e80c40|1643789570
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41df737c-f8fc-4082-a490-a34f5019f694-003%22%7D
.creativecdn.com/ Name: u
Value: j25hmhbmPeb0o4N6N142
.creativecdn.com/ Name: ts
Value: 1643789570
.servenobid.com/ Name: pid_321
Value: RX-41df737c-f8fc-4082-a490-a34f5019f694-003
.360yield.com/ Name: tuuid
Value: ee4f2a14-18b5-4243-ba0b-d0de3e01409e
.360yield.com/ Name: tuuid_lu
Value: 1643789570
.ads.pubmatic.com/ Name: KCCH
Value: YES
.a-mo.net/ Name: amuid2
Value: f5d5c7eb-9888-43e3-ab91-7a63b9734687
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: DPSync3
Value: 1643846400%3A174%7C1644969600%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1645056000%3A35%7C1646352000%3A203%7C1644969600%3A7_54_21_161_56_220_13_3
.postrelease.com/ Name: opt_out
Value: 1
.servenobid.com/ Name: pid_327
Value: f5d5c7eb-9888-43e3-ab91-7a63b9734687
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41df737c-f8fc-4082-a490-a34f5019f694-003%22%2C%22nxtrdr%22%3Afalse%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjU74DmuouzOhAFGAEgASgCMgsI1OeDk9GLszoQBTgBWghwdWJtYXRpY2AC
.adfarm1.adition.com/ Name: UserID1
Value: 7060022444665469082
.adform.net/ Name: uid
Value: 1434781866090427069
.onaudience.com/ Name: cookie
Value: b64d1c5df1a2071b
.onaudience.com/ Name: done_redirects104
Value: 1
.simpli.fi/ Name: suid
Value: 8F2D991741B64FD18034CEA3F0BC366C
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7060022444665469082
.pubmatic.com/ Name: PugT
Value: 1643789570
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3cd50a9e-3724-4b5e-85c0-16da0597e344&KRTB&22918-3cd50a9e-3724-4b5e-85c0-16da0597e344&KRTB&23031-3cd50a9e-3724-4b5e-85c0-16da0597e344
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&KRTB&16736-uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&KRTB&23019-uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a&KRTB&23208-uid:c60961fa-3d01-4500-bdb4-1520fcf11d1a
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJWDI402EzKt4ctg-s6L9Uc&KRTB&16514-CAESEJWDI402EzKt4ctg-s6L9Uc&KRTB&23025-CAESEJWDI402EzKt4ctg-s6L9Uc
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7369271105066138859&KRTB&23339-7369271105066138859
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1434781866090427069&KRTB&23263-1434781866090427069
.zemanta.com/ Name: zuid
Value: tDqj8K_Q30b0His--dfF
.de17a.com/ Name: guid2
Value: 1.1534326959032289301
.pubmatic.com/ Name: SPugT
Value: 1643789569
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1534326959032289301
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.casalemedia.com/ Name: CMRUM3
Value: f161fa3d0205a0&b061fa3d0205a00&9c61fa3d0205a00&2d61fa3d022760CAESELmVifWGF_2-wWJR7x4-Ej0&9861fa3d022760df713142-2849-4035-8aed-2bbfb371833c&e661fa3d022760&6f61fa3d0205a0&2761fa3d020b40
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 8759b905-a7a2-5321-8dbb-dac6ec41e7c4
.betweendigital.com/ Name: ss
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3bf965d7c8087c4e3a2d927f57263335
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME5KszQzTTFPtjCwME82STVONEqxNDJPMzU3MjM2NjZlAILEX7ZMIBoKAEmzCf8%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FGXLBKSgAAAVBAGb"
.outbrain.com/ Name: obuid
Value: 696c55fe-f915-4197-970c-939fa56f99f8
.onaudience.com/ Name: done_redirects219
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5fa90a912657ae4f
.ipredictive.com/ Name: cu
Value: e9fe0358-83ff-11ec-8a96-67f41156c3d5|1643789570728
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-12853e9d-a79d-49e6-6e61-64510a2cb84d.orkrLfVT4ts8uXdV9Cz9w7XZiM45zToxDl1kt8JUmOk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-12853e9d-a79d-49e6-6e61-64510a2cb84d%24ip%24217.64.151.7.QPmGrO2oWZ7CB2zceoLlnrJOZNKVNs0xkwf6F7hllkY
.betweendigital.com/ Name: ut
Value: Yfo9AgALfWjBGRBnDzW6UqCmfATK6uYJ21Eiag==
.zeotap.com/ Name: zc
Value: d8f82600-f1b4-4f92-5362-0b2628d47b2b
.zeotap.com/ Name: zsc
Value: %7C%BCGa%99%FB%B9%223%95O%24%CDC%B7%5B%3D%C9%F6%9B%CD%CEL%FF%E7Y%DD%D4%D5pGQ%DA%17i%24%12e%17%96%DA%F5%F0u8%C3%CE%5C%1Cf%B3%E5%09%F2%DE%9D5%9Dd%C3z%C6%60%F0%F4%B4%8A%C9%0C%25%29%FAEz%BA%B1pm~%AD%C5%9A%8A
.outbrain.com/ Name: actvagnt
Value: 7060022444665469082

8 Console Messages

Source Level URL
Text
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEIzv2LLgPA1Jl_hElYyc6og&google_cver=1&google_push=AYg5qPI4mGgOauCncp2515KfghtXquZstF7RA8J2kVXWpYQ2WqcvHvlSAnmRKC7c3yONBXbWsWjDjxqMsn4ybFyYpXLsoelXOP-l
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRj8C2-t4ntjdMzFvZ_3mlT2bDcWxb2l98u8ZD9S3lx9QBijX1B_dWPFzdEiP_qDlnzfHvP13h9jOBI-Ep99dwNnsuPhgz
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKA-gQGvH1o6WbXFockVNC-PsRCV7tmiqEUgmqnAo5YRqBTwLOWHz9aEH1i3EyG9ob6LL6PEMPmOsdO8bdlSYK7T77qIGc
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9ALx4MYZX5dh2-bIupgAABHYAAAIB&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1&google_push=AYg5qPKBZcGQUpvYHY1bu-KLdnJNswrY1fUEjYvr7RxF5Im2JcBz4Gfolfy9aVYm-xM_fKapgj-8QdEM87Aru4EAUqbY9l_2NVEb
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yfo9AFgxt-vd2WrN4786PQAABLgAAAIB&google_push=AYg5qPLFGy3-60iXx_2cu_MpXtelDLh_bir9k1iveVm2YE0bjZQ1mHhM73-NIV-6reRVzsxlMRNQd7PsF8M50CSNYe2VAXDynw&google_gid=CAESEI3hEyvaZTBY3RGO-OdwA-Y&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=7DLYbC5fM&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

70a4b657dc885e54395d000aeede82ab.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
bttrack.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
filecr.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
webcrx.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.servenobid.com
cm.g.doubleclick.net
104.111.215.191
104.117.200.100
104.16.200.58
104.76.200.23
13.248.245.213
142.250.185.226
142.250.186.34
147.75.61.140
150.136.222.2
151.101.194.49
159.122.14.34
169.197.150.8
178.162.133.149
178.250.0.157
178.250.0.163
178.250.0.165
18.156.184.150
18.157.232.7
18.194.103.50
18.195.155.181
18.197.84.79
18.204.253.249
185.184.8.65
185.255.84.151
185.29.132.241
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.121
185.86.139.115
192.0.77.2
192.132.33.46
198.148.27.140
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
202.241.208.56
209.54.177.54
213.155.156.164
213.19.147.45
216.52.2.48
2600:9000:2057:8e00:1b:5138:8a40:93a1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:20::ac43:4bf1
2606:4700:3034::ac43:9465
2606:4700:3035::ac43:8bfc
2606:4700::6810:125e
2606:4700::6810:78c3
2606:4700::6812:372
2620:1ec:22::14
2620:1ec:46::44
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a02:2638::1c
2a02:2638::3
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
3.120.52.139
3.126.56.137
3.214.91.80
3.227.93.166
34.102.163.6
34.248.198.194
35.157.246.167
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.237
37.252.172.38
37.252.173.38
44.193.191.16
51.210.112.236
51.75.86.98
52.19.2.69
52.71.142.200
54.156.165.208
54.171.252.128
63.35.242.195
64.202.112.191
64.202.112.95
67.202.105.24
69.173.144.139
69.173.144.165
72.251.249.13
85.114.159.93
94.31.29.32
96.46.186.58
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06596d0531c207b45e37f007165756c672073c5d139b30848a83038aca587cee
0678d1e0138574c8715d30fc23650f975ebfca658d96e823fe7ba98b89260d45
09a0fc459d402edeb42eaf038520e8add27e118f4a0d771b20d1d323cde5870e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd647e5f70febaa00a3c6685031fd565accf42bc82671674aee7da7b0f7fe65
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b32b49a652cf4891a34f3f83a869583c7c2f680fa66289ec3729a178eddb963
1e547999e3990ae359d4551fd9f8fe3ca991deca77a6e15f2fb22d55613e68ea
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
263b3f8f1b673c323831e1ca70265ece8fcfa1476825166b46e18324877eef26
27db928f8c709b35ad57ebf9861ce524047078e7b7d15da57469ba3c6ca351aa
281a94665363187d46f9a3c597c5d9142d23a763600879f69da0bc1fe136cc75
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
2b15152787903e43768b0ae1484abaf315f56eae6097e5197d3c82815ac5217c
2b3c7aaf1abc33a7fd03aeb9b3a211d0443d6f4bffd9b5747b2b2748c8722e5b
2cb5ef98ed9a3c63e2986c9c90f21c4ba8ba28396343626a26811fd9d3bf7e40
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d0e45cfc96d36c09051dbfd5844f43f1cebb8e304d1256eea2b6169e06c7d74
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea
334f989f9df4f0cef73ec0201b686924b283aedb65bd27b0f17366ef40c44b63
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3580b27fde6bb27b66b54da12e2a6a53b9e9595feeed3e486e8e67e84fab69df
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3827e07bf022182c8097779998334ef63d458607c46d0338bdba90eadd0a9f27
38519c2b577e3bee0a43a7e434bc8cc45eae9caf344ab59d86ec6801b436d9ef
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c9b0c3bfc9b8db0f38c20c7663ce76397979007a5f67d23f4982dc8118cd119
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af
3e7c796234c56db38217d832af003c8aeed909713daa2e08b5dc773b7aab4d02
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402a9c97c55198d887e5a6ca49bbdb6a740f9f82508161d30693a28458b5baa3
413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25
44241aaf2a8c74295fc14fb7a9d4cadb0b5c575873aa1fae2c8da515ef05be42
447d6c7847ddce7d3017c148199f55e894b7f7ed6de3ace3e1167e3221dbddad
4598648ba4ac4f2c2ddb84c34ac3ad9b89a69ee8434482fb890e5a4ae5e6b94f
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d16e7e65fe4a743f4e8e86b20f092816fe6649437f55433397fcf2b6d630c26
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ab11e484dec4849db45b0af9e95796552daad45f5bcce145c025caacb3f2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93
57f3f4a25dc1bd551540bbb5931767c61d9d93cd091b48ba7d6e4d3f2960f0ac
58a65716b244a462a9a7616ab18a60cf8e7ab0d08c630114ca614e2df95a7d91
5baad9c4df7a71f3a4f2859c67594677b43dbf643471220ac90d4623d1839c30
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8807633315d9a295a573917fcb99923c4f8d610982b060d383c3961bd63e0f
5d1b35bf56bf714015996b39ba3180384745be0c3ce192b10271e5c74e4cf666
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d53933547a91091d128194c93c5f4bb564169651c0d8326e1af79242d9801e
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae3d44fee370431559252a28e559634242520dbf7ba0e5896ce83081018d68c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b93887e254ebeb4138023845a5b29a6fbae9293bdbdcbd2bfb772814c22d388
6e152011239168ccd2d8364fb554ade893c560ae151b7098d1f2bf0d4cf65ca7
726f7fbad4b86267924b0ab710b8b0c27fe107ce395e85e97f06f71d0911ba75
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
77a5fdc0f7915b51d7c0221c412b90387b4bccbeee874e34b4fa41bfb1e9ef43
77f1415125c2b932c4b6b381ca599974b09c50dd1f16c99f3724d5025f5983d2
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
79df24155101e9c39dd756536cc80a66b7b2a3d77d3cf4321e790ff74617829f
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080
7a8201b76eef065d6ecdbde1ccbb8e3db107ba3f4add934b1250ea98508b8ae5
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7cb6a375b59d0e9bf6a96c4bfae749601b421bd08a13097f211cf283033174ec
7cd1bd9e752db279ba54233f3e092f8d676fcdf6159928e2e55b5726ab673f0f
7d4ad92539f2a099abca34ad8928a78f9712111c9af57209bec5309b8196e721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8684b730e3fe0c0386e7a3ea27e9fc956ee97fe9503bcfa547dd4bba4ceadf32
8799bf72df2d045c2492bd5c324f0c7f69b45a942b7d466ad08c32177d7ac21f
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6b56c740c9210619e6a1b88659e673e3e11db64fc346aa167a8dd2b455dd76
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7dca6a04e7336a202e053f268bf0d20a2ce60e469f711cc5251402b8ce65b9
92a4089b295e2ceeb353259d14564c07775fb24ebe753fa4185c6bf4f22394a4
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
99747dec5e7e5fb87eea9bd12c7ada11a0e864705927d4d87e71ffc3cb27647d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acd2877f41dbadea698aae9273910aee02d94f9947640f232ea755e8fb75962
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
9eed32c740668df9cf693ca264a5f7d856dde738afddc0dbd22b7dc9282ce43b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4223faa6ecd3e1d8911433c2eab68358e116cecb9b89a013201a07d4bd5aac4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5c8e26a7aea0a408d2b06a82cece31a76e4587eed55b30b26317f1ec6ae633f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a90b2b863804617ca3845a143f20efe8e8ae6f0ff95f703ddf55edc2f9be405d
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aba9678a510a72b24a0553b11f206321655b25d6de8baf4c5dae93035d733145
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b3cf311d2b774d91ca43aa14f3b72a59c125b9896d6c395e29fd201aa971e4
b59e4017c7a2b361c19adb330e81f80699131236987ec4ffa8e5700120debc99
b75a3a703d0964ad9460f6c1786bc2051ce16720cf50863a7e447357b4225f29
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e
bfaab13f143182d1440b669a897f1483fa62875630704be96b14470cb3f2fc83
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5d775e76dcfe979d52eb0a5076b333164b58643a518d28512930babb0cd8c79
c8d848247c8706e5b7ccdc659f4be62bfcce1447d34d87b2200b2a5d106b6ccc
c9a2201ad247bdf280490658cd2c8a09a592d774228e2e08012ae0107fa25671
cbfc2f90344566288e809878fdcfc19b3bf283b39ce34e511f42bd652a288207
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce6d13c7703a2c6a7dfa38e0e9c75b1173fdf2bd5861a7b9e53de0963352005
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3cb9b20fefb1543544dd2818d12b078a7e68e98c659b9b8aaa6f73d41c59d29
d97896ce5ba9b00fbed2f1270e9f93b81442bd6e5b9b27ddf64757a228a04b71
dde47b2a5ff36b2d29806489500677b63302923a620408f6c02010fce58c0f47
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e
e32974fcd4c3ac2034a4439d9a4f37cb6d6381b307d0819acaa84339f3df024c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b6bd35c6db249a05cbbf81b7c98c2266db26580bb79d216529230c81086914
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4d08eff8cebfaaf8911199b01aaeef8ec356d00ab981abf9ef7576be8f78be
ebcd5f143bee81e58c977eb6cb49872787b0e84be7c629f2faa00318096e2da8
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07c9e46454d559912116f5f9934e494831d5a4f2694d9703cf270cf218f7a1c
f34c9159dc6d8ae6c0f2bf520b6902fe2f13d69fefe053af79e3831deb0795d2
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f9a4fa2f721430931f8d80ba2593b3beed04430ec92e3c8ee67f45652fb84690
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
fedc3713f146cc64540ddea48456d1d42e7e8207db60f0218ecea2a06abe44e8
ff24d2865523cddb14e5951ee2ffb2013f1940f053257f498c9a678307f4affb