www.file-upload.in Open in urlscan Pro
104.21.51.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/cibfu37za2d1
Effective URL:
https://www.file-upload.in/file.php?get=cibfu37za2d1
Submission: On September 05 via manual (September 5th 2023, 7:45:45 pm UTC) from US — Scanned from CH

Summary HTTP 286 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 33 domains to perform 286 HTTP transactions. The main IP is 104.21.51.85, located in and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	104.21.51.85 104.21.51.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	104.16.133.22 104.16.133.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
11	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	18.66.127.127 18.66.127.127	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	34.246.113.219 34.246.113.219	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
52	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
29	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
36	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	52.85.49.9 52.85.49.9	16509 (AMAZON-02) (AMAZON-02)
1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
11 22	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
10 20	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
2	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1 1	3.233.164.63 3.233.164.63	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	52.199.143.202 52.199.143.202	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 1	184.86.251.217 184.86.251.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
6	65.9.55.26 65.9.55.26	16509 (AMAZON-02) (AMAZON-02)
286	39

23 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.51.85 (None, )

ASN13335 (CLOUDFLARENET, US)

www.file-upload.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 104.16.133.22 (None, )

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.113.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-113-219.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.49.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-49-9.hel50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.23.98 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.80.39.216 (Canada) 10 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.164.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-164-63.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.143.202 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-143-202.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.217 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-217.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.55.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-55-26.arn54.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	googlesyndication.com 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	517 KB
51	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	446 KB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	1 MB
33	demand.supply live.demand.supply — Cisco Umbrella Rank: 39979	42 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 943746	548 KB
20	casalemedia.com 10 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	14 KB
6	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 837	19 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	340 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	60 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 41	32 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 487 www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	38 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 426 dis.criteo.com — Cisco Umbrella Rank: 596	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 169	177 KB
3	file-upload.in www.file-upload.in	11 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 736	807 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	143 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14930	9 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2916	987 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13298	519 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7689	44 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10866	292 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4642	615 B
1	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5439	229 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 847	10 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 603	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732	2 KB
1	file-upload.com 1 redirects www.file-upload.com	440 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
286	33

	Domain	Requested by
52	pagead2.googlesyndication.com	www.file-upload.org 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net www.file-upload.in securepubads.g.doubleclick.net
36	s0.2mdn.net	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com www.file-upload.org s0.2mdn.net www.file-upload.in
33	live.demand.supply	www.file-upload.in live.demand.supply client
29	tpc.googlesyndication.com	www.file-upload.org 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
22	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net www.file-upload.in 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
22	www.file-upload.org	www.file-upload.org www.file-upload.in
20	dsum-sec.casalemedia.com	10 redirects googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
10	googleads4.g.doubleclick.net	www.file-upload.org
8	googleads.g.doubleclick.net	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	choices.trustarc.com	choices.truste.com www.file-upload.in choices.trustarc.com
6	www.googletagservices.com	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com www.file-upload.org
3	www.gstatic.com	www.file-upload.org 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
3	fonts.googleapis.com	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com www.file-upload.org s0.2mdn.net
3	connect.facebook.net	www.file-upload.in connect.facebook.net
3	www.file-upload.in	www.file-upload.org www.file-upload.in
2	fonts.gstatic.com	fonts.googleapis.com
2	onetag-sys.com	1 redirects 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
2	www.google.com	www.file-upload.org tpc.googlesyndication.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.file-upload.in www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.file-upload.in
1	analytics.pangle-ads.com	1 redirects
1	im.bluevoox.com	1 redirects
1	cc.adingo.jp	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
1	s.uuidksinc.net	1 redirects
1	dis.criteo.com	1 redirects
1	fksnk.com	1 redirects
1	beacon.sojern.com	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
1	choices.truste.com	45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.file-upload.in
1	ssl.google-analytics.com	www.file-upload.in
1	www.file-upload.com	1 redirects
0	certify-js.alexametrics.com Failed	www.file-upload.in
286	45

This site contains links to these domains. Also see Links.

Domain
www.file-upload.org
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.org
www.file-up.org
sulvo.com
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-15` - `2023-09-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.file-upload.in/file.php?get=cibfu37za2d1
Frame ID: 9891B702F42128CAD7B4F627A6B4E20C
Requests: 98 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2FF37B6CFB684A058728365E53D34953
Requests: 1 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1FC0F85948B7F1EA13B21B3D10D3FFF
Requests: 19 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26C4D5B51CEBE2BCD5633EC58F739E86
Requests: 26 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA2B421BE1C8C4C1A0C4D6874B6F65F0
Requests: 13 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03782CA3E57ABA8CB4CDD2AC9D026185
Requests: 19 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3392A09EC4BA2037080282DF8FBA66F8
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: 7FE0DD0400D398D47B7817BC975C27FB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY6emt9QEwAQ&v=APEucNV-x864AmWhGkBd58rhUxWh1EWDfRHMH6EPlDqn17Ckkk2nPWtZBhEbeHMfal6KlowhrPXIvNHjBhlRftml9ZCmnGSO1Q
Frame ID: BD57986C2A9A175A4D159BF3A0D0C79F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRDDoCYYo5rM9AEwAQ&v=APEucNUP_7v-kCzGGsRGL0jHVDn0FOqQMkoOHbGSD63BM4C_983tAGFcGAvOmdfpw0zY_6ppS0iQiTUlGlhwzVo-RArzn2EbFA
Frame ID: 0A575E7715F51B1DC02D89F37768E7A7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCKvpz4AxjHuNX0ATAB&v=APEucNWsY4RSOYhsKlhXj0OTwVcEgV-OHwvOk_CpcKPcxU7Me4k0aLYiuWMwkrCHy7zB-08rsDAm1nfY4VDps3PQ7XGBGAdZgQ
Frame ID: 21D14B478C68D82911E170FCA0BDEA56
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXyPo1q9nMdyiQ8HUOqFUgKUeCY24pvTkLhz8cY3LqDH6vP6MfTc-ijq_tbgwN_rlOk85UVoiQyWVWt9NOJ_nYJnyBxWg
Frame ID: 52861798C99D7E3FDF7D8366882D391F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBDawqYCGMCw6u8BMAE&v=APEucNUmMy4KxiPvDgbLXQzy5q2akXDhmCmTJIBOGz_xVisCi7gAAO2hmjw8QDSSkRKkmCOrZH2u29pIa0MbSvAebSLU8_KUkg
Frame ID: 275D3EFE05E5EA2A33EAD111317E2A0B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF4BB220EEFC0E825B44C2BD0AD816E7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CAE9A6B13E7E767E993BA92443E7A19
Requests: 3 HTTP requests in this frame

Frame: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D5F9D3360109A297849A14C2DAC94D3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC3BBBFEC33AF07A7CB40949AC34D944
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 6C736308FAB9C6E097296CB9E5061C5C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCC71825735220836835256671941785
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 002814C6770E091B5FA5A32B306727F7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4EA66158F8E0CACB87B9FF77CA74054D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
Frame ID: 0DF51EDC12A296C9CCB02853CEDD53F9
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
Frame ID: D7B6CBA6A5A9B30F9A830390DECD3C92
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
Frame ID: DEAAB813E8988C865581DA154A1066E6
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: 68B92C0E78DD08C18E4A245E256767CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: 7B82D56F11DDD6283F71C2A266421224
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78DC9B9DC89C5FEF81D0F6F703DE15F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 964DB523E5EC2802BA06F1D3BB736163
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: FAA32C22306B6E963A6723A4570528AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/cibfu37za2d1 HTTP 301
https://www.file-upload.org/cibfu37za2d1 Page URL
https://www.file-upload.in/file.php?get=cibfu37za2d1 Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

286
Requests

92 %
HTTPS

0 %
IPv6

33
Domains

45
Subdomains

39
IPs

8
Countries

3548 kB
Transfer

8545 kB
Size

26
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.org/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.org/cibfu37za2d1
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.file-upload.in/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.org/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/cibfu37za2d1 HTTP 301
https://www.file-upload.org/cibfu37za2d1 Page URL
https://www.file-upload.in/file.php?get=cibfu37za2d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/cibfu37za2d1 HTTP 301
https://www.file-upload.org/cibfu37za2d1

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fPAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

Request Chain 210

https://fksnk.com/cs/google?google_gid=CAESEPUUTQ9S3QdJfCrkbIa7L7c&google_cver=1&google_push=AXcoOmQncUvfv2dwSYpm0WEBJmp6i7g7OfZWDHt75_FeCm56KHUyghKyVMALQlImxR7gFo6CZ_DGtyuq9jBssRRE4NlsEfpPFdrN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEYxQUQ5ODQ2QzFENkRENg==

Request Chain 211

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRbi7k_rz7lvKyNc_HiGZGif_pofwDZWdnTW2Ssu_WTlQ7-PJSr4zqPKhYwZmTx2KGCMtF3sSweUH7Dpbjwdba9aiTH9myU&google_gid=CAESEAZLTI5l033N1iXs7Dc9B7o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-r5txBV0w0Nies3qXnFrbRUkkVYwYHWxaPyz9mw&google_push=AXcoOmRbi7k_rz7lvKyNc_HiGZGif_pofwDZWdnTW2Ssu_WTlQ7-PJSr4zqPKhYwZmTx2KGCMtF3sSweUH7Dpbjwdba9aiTH9myU

Request Chain 212

https://s.uuidksinc.net/match/47/?remote_uid=CAESEI18yxfXQ71iGWOh8GWdXm0&c_param1=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh

Request Chain 214

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEL8jLS2J7g1bquwaq1EMLTc&google_cver=1&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glDq4H_-UN7rD_ecjmzvvdFbat5u3fvHObPGTTYouKz9dBSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glDq4H_-UN7rD_ecjmzvvdFbat5u3fvHObPGTTYouKz9dBSg&google_hm=QlMuYjlhMS1hYmJmLTRkMGMtOGRhMw==

Request Chain 215

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAlrK16kghvFHzoUSZQMJR8&google_cver=1&google_push=AXcoOmQBFAeZvcl8aS0ygcRPwrEDlsPMhu8unCgUgQXXbHwFNTL6gF0qwjZ7FrMg8IYE9KnFE2lL9BLQ65_o_uXT3hh3WvhnQ0JMVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimbhC8VlxNR8uvc5qM6fYYO-2ts8OR259w&google_push=AXcoOmQBFAeZvcl8aS0ygcRPwrEDlsPMhu8unCgUgQXXbHwFNTL6gF0qwjZ7FrMg8IYE9KnFE2lL9BLQ65_o_uXT3hh3WvhnQ0JMVw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 216

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPf_vUB_sVrTSLVNzc7pxbk&google_cver=1&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A7a5MKR2mWqBWagA2UB3UrR6RBdePY8wsbPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A7a5MKR2mWqBWagA2UB3UrR6RBdePY8wsbPA

286 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

cibfu37za2d1 Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/cibfu37za2d1
https://www.file-upload.org/cibfu37za2d1

27 KB
7 KB

512ms
100ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

251c00d679c778c7d4d9dd099112c5e5d06f6eb809b464bb15f57489c1ad085e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8020f9250914ba80-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 19:45:33 GMT
expires: Mon, 04 Sep 2023 19:45:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnOp%2FFMnwVLS3v3mtEcLmuXg9HEtNAbSHCTjT9MeOvVQgDfTKtL0XYmUSpeST%2Biy2atDvwJVFaZLGCDCXNQctc6LSN4tOGYCY1%2Fdp%2Bn1wyoTFfUbZdkwSZLfgombqN4VSemU57yC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8020f9220a780e5d-MXP
content-type: text/html
date: Tue, 05 Sep 2023 19:45:32 GMT
location: https://www.file-upload.org/cibfu37za2d1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFxTezKv4xw951C6n%2FxvZBPUdqXFvcHlQBI0dZOY8T8c2ZlkuywbtVuVOZDizu%2F%2BUJ9oS6xqe%2F4Cz%2Br%2FTF2JG7m2Up%2BLtP%2BzxAeyZeO4xm4j8yr3CA%2FLYWQZ90sxNlQGd1My3pCF"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 55ms
54ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 687684
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip9CpiY%2F5C16xDgsEbxCYLuE5Vej%2FqKfcr9BzroffiHTsjtpR%2FZ6dlmsY6vqyuiXkO6dt08Coq5Fzpf6MdWt5Fo5PAfnBdDtkYT0GpIrxKx9d1Pj6eG9zV0gHX%2Fz6PGdnZmedT3J"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 8020f925ba63ba80-MXP
expires: Tue, 29 Aug 2023 20:44:09 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 108ms
108ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSbFbwRtpPakjCkXz%2BC1T7iXFdhzTifafHPFp6AFDr%2FEyY0%2BUBnebnFZoyEnT3ysjK8IpNF7n6fiXOOM1VBn3u8ALRHhGd7Jet0rBfnl4CMw%2FzA2zPUCvn6yEOXlpHMMysrbIUgo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 8020f925ba67ba80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 58ms
57ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379696
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NKmZX4lTuztdplZKUa0HjRbNPl%2FbpeMkBW7qu%2B1miW4d0u1RbxCkKxlmT%2BsQy08e1%2F5dgEyBuHYsoYPRSPuGzdcIQP2Hj3rml8uis8L%2FSu38BfbksO0TTRp%2FcWmnDt9v1HW7hzN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9268be6ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1018 B 59ms
59ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFH%2FbYeqhoMfYJlFyITarJb%2B97N6bW0JVlqF1pYau93Tm%2BndJJjvTDcudl5HJC2zPjjsDUvpLqE2Meei%2Bb6K0eucvlX%2FdOnmqNec46wykEabBbyMA%2FlkxBj9zxKl37F2nmoykTDo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8020f9262b2aba80-MXP
expires: Thu, 07 Sep 2023 19:45:33 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 81ms
80ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379696
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LedsPzaJDJ5IGFMlhPGgBz6SlaBCFJ95V5H3rFLqlsC0IgkSe77xxhSf6YSjclHKOFOC7bhw8TriDxT4KBkBv5vJ%2Bg9I%2FUda6SAiWU7grL0P2cjnTFy%2FcYRh0kDySMyEfWa3u84O"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f926bc45ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1020 B 52ms
51ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379696
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnmEIDXAlOkLKNbYsQST8Do%2BxW5pp9spWzq0YPWla7v5eoNVNPjUQp1oOqQKxu8pzdWqEQi5QYt11Gw8M5mYbsW6KgQ%2FDZu0bJOWCxpOUYVgMRP1a3sFWx4D9krlRmVVAmjoFGu%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f926dc89ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 527ms
62ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693943133.cds344.fr8.hn,1693943133.cds241.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 57ms
56ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379696
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwsqmZJgJVx7O9n9mDY43OgitEo9UwQbnqlQHnVPX6pyHXZ4aymb5v8ff2ENe%2B1hchhwDkm0QTl0n7B5ZHTLgyP2rQeO46iojIh4SzJsdrssIamYNBBs0Cz5Z0qGrBG%2F6RQPf8cP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f926dc8bba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 Primary Request file.php Show response
www.file-upload.in/ 23 KB
7 KB 923ms
251ms Document
text/html 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.51.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc8613cfe8aab1196113300e3ceb78b99ec5ca9534a4eb771d8a2827117620d0

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8020f92dff764c4b-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 19:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwRvQ7OWbvn01fMLkLopg%2FNBL2AoK5C8GEVJEgXPB5xMlvb2iw8P3kSTQr1RQDg7ha%2BqZfD%2BrDxi5tjuxLPRaMyhlFgHcvGSD6BKx7YZ4J%2F%2BzunyG38Q8mTLF4%2F3IoSKW%2FK4QII%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 66ms
66ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3382889
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuzY%2FFb5JwtHaypR%2BCh4Z85tYQp8C7YR3R3jT%2FEBdNSoV2yd8OoP4Zgn4y%2FMuJ%2BDhYhlIlV6%2FMVaSC6tsmk7%2F%2FAtsGd12RSPLCG15qdBWucjkFVy0zAMGBpWVYpu%2FDPbgH8reeOn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9270cceba80-MXP
expires: Fri, 04 Aug 2023 16:04:04 GMT

GET
H2 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 77ms
77ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1873
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep6%2FqQ9HNS6EM4rlxFe1c1cVnoWEga2T4qfYPyw%2FXegHQLMYVXNlu5G9iJXdlPdjdWciMjVqlPPMaD50z%2BkAQsCfUNg4fEs92PVFAC3DGq2wwLxZvPCx4DbM4jjspC2hr0Deudlh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8020f9270cd0ba80-MXP
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 73ms
73ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5412
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuiTMOIN7bCew5gx11%2B21dol2IGp6FWs4tz9VlmjrJwYkavYncBV6tSURDsFKd8OMPDoIZMF0Q%2F7nGW3aW88g1NjleaY2RlKQYn141WLsrt%2FZV5u1ScxFDvwC231PU00uQt0mspK"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8020f9270cd2ba80-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H2 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 74ms
74ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:33 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4984
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfbhrKSccbrQWdtUwDmIpfiCww9cCxYFtQovX1Y%2FwSrTaTJ6mMq8dcnaQ%2FZrM5FfXs2Rmk8tuUxBxusShCcvOFayYHQovautD2bTI31d0CYmzoUOfWJyjClLOpVCv4q20lEs4O9S"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8020f9270cd4ba80-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 813ms
145ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9e509e943fb4cb39fcbb2863c88ccefda5cb06cc7a0216d8e21efd34a5517b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H913VYFTJTMGRG2WG00C550S
date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 745
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 8020f933dc234bf5-MXP
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 blockadblock.js Show response
www.file-upload.in/ 7 KB
2 KB 61ms
59ms Script
application/javascript 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/blockadblock.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.51.85 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248383
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 11:59:30 GMT
server: cloudflare
etag: W/"64afe722-1c1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQnihuD0XP7morBI7HINkDlPn3m%2FH9%2FUE2Ai1BUXoUDVcDR4Ke6r6vWgRltgZtuLOKquAmThnE34iGt9624auNi3TvjdF1%2F8LNitTJG6eSuaDofB76a%2FYFf6%2FsbAaTpKC5fEVlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8020f92fba304c4b-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 471ms
65ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

29d35eb994f5a9d7b9957353a67cf84d0fb29720b495458efc32d705a484a1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66719
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 18:50:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Sep 2023 19:45:35 GMT

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 62ms
61ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 687685
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B7ghqW0JzCkRRFQX0TYoH0FThDGjzj2Q6gcLiPoe45FzxAaLKVc%2F1YuEmp83%2FtIu4MS1Uzl0LhcaW9aC%2B9y%2BHrHpwQ1%2FfU8TZF25%2FoEaiV%2BmC7w%2FVSrL4%2B2GJ3n6j5%2B7IoNjhFh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 8020f92fbbb3ba80-MXP
expires: Tue, 29 Aug 2023 20:44:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 528ms
122ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

f86dea02c0b2a7e3cdf955a4b405aa13418017931035c67197557617a42b6274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 19:45:35 GMT
content-md5: Xtfd/E3foYrmqJWuzVN+fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88811
x-fb-debug: bJfZbcRRC4or8yk1OGttHn3a9RNHZ3ideD5ZzYPHBFHKEitzVYsc1humvc5QKHQomZDd5zW+ybJEHUfSGEowtg==
x-fb-content-md5: 54443bf40d081a7b9c468fd7fc0a53f2
cross-origin-opener-policy: same-origin-allow-popups
etag: "32beec243048a7ce11b318e8175b365c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:32:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 721ms
57ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

77808a97023f769c83160ecd1e585de87f32c152c9d3dda89307ec7a11531abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 19:45:35 GMT
content-md5: cl0a05G/C3UfG+yyV/H1YA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: 4GvZ4bqZLveqoWbLukmN+jsuT9zC+uNzYxLPiu2N3EcsRA9dMlfjEy33LLTatN/R6+BWTaPb9oOM9BOkWUBWNQ==
x-fb-content-md5: ac509cdb89d445b49a3201702b212f26
cross-origin-opener-policy: same-origin-allow-popups
etag: "30231c78c3fbc9216b347c277a97a5b5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:52:23 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 751ms
62ms Script
text/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 17:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6838
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 05 Sep 2023 19:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 112ms
112ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:34 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZdKlkHz7hzypgkU3HursTrWikdWfE%2FmKSAJuyZOxyE%2Fp9JffjXEZ1BPoA1QLGlAUsmy8H7NiFyNs6E%2Bau0UU8Wy6n7P2BQpxuHXA9%2BmHNAW8nsvj41zOPzHVBSsBXZRkHtDrW2L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 8020f92fbbb4ba80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
3 KB 62ms
59ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379698
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuBi%2BHfoeXNWzmFv0WYSeFYz6LhOJQ%2FjR3GzsZGBvrGZccV2Fsvr5CUd5aESHJ%2FXArrb1S2UKtDthX6Txpt%2FEf528xE7w9RzUpYZ3f9o3Bkl0mbC8cI26BdQRx4FWJgcQMkonToJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9344b81ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 54ms
53ms Script
application/javascript 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.51.85 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=cibfu37za2d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJfjDvMxjVTN7wpxsf9%2BHzQ0lAJ58jjb6aEUZBHkDu2jRne9OizIs2t9%2FQ%2FBuoviPzRGuIAejvL3FKula71fZO7LDesm0z42CkXSKRbrNfup%2BsvNl7R50oKJvB3XwkTVonvTrMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8020f934393c4c4b-MXP
expires: Thu, 07 Sep 2023 19:45:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 721ms
47ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 12:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 12:16:01 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 53ms
50ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379698
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LS%2B9d45no4BtDuFq7EVNJS8IKI9NlIXzQJ7ekiVh27McyAEvgV5xv%2BFUiQn4Uwl7rEcZFgRP%2FgqvZKPuit99shU5gHYFU%2BZcGOHjzK%2BbYj1vS8KivJtrQg62JPDndgiRCtB8XJd6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9344b82ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
964 B 60ms
58ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379698
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vMFKMlbg9MxdYnsJ9LdU7Er794%2BLRmDb7%2B5r9R%2FJ0Kmbb8LmIAyuYGfIaoO3fWeAErzwaNbQzksrXnH0P%2BOR5D%2B3kEkXFrYnOnU6llJBxKoB6neHad7m8iVbwOSs0fhBtfM1uzq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9344b84ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 53ms
51ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693943135.cds344.fr8.hn,1693943135.cds241.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 61ms
59ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3379698
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGEz82zJWh7Dq3hKZAFGMCFp%2FU7To%2BqTXLdfgaHOG5o2Ddym4F0CmuLozJGEUDo1eIP%2BwidlaUQBbv1Kjp0%2F7Seoe8WEJEtMQoiEcxQOoE8I5ZP7od7%2FAYHmrPPIELwAlB7bo13m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9344b86ba80-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
88 KB 464ms
60ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e63a527719ea9a9d2c8f2410f047750a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b0bd087e398f987fa8622519fa462b00f566caea8cc91f8bc45e366743b02617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 19:45:35 GMT
content-md5: AyAPGyXzCCv0ZwXT1Jirhw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88940
x-fb-debug: 4bjtKzEzmwnk6cXC6tDKVwhrtkOOp0Sk59+P5ff0UG6ehDbMulMn2GkaigenCFfjS5tU5pf6GktbmScz3za0eg==
x-fb-content-md5: 0cfbc995344491cc98d76c220924ebec
cross-origin-opener-policy: same-origin-allow-popups
etag: "e356e34e6485e992f3e7110a0eb8d99f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 04 Sep 2024 13:50:28 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 76ms
76ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3382891
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToNOUxUDLhNIZmCsI7podSuUtSjXonzOVRHrLwBOzChN6lCGtTZyclm%2FXYfpLvB%2FA4XcAd9pU232cGjBqQJAVpmjA4IOI3LtICpNV13nRsQjUGNtj%2FngpJdXrtco3f%2B6PXNrA8PP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f9347bbaba80-MXP
expires: Fri, 04 Aug 2023 16:04:04 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 impl.v17.14.2.js Show response
live.demand.supply/ 82 KB
27 KB 62ms
61ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.14.2.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H913VKQN69AD5D7PM815AE4H
date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 614674
cf-polished: origSize=84250
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8020f934cdea4bf5-MXP

GET
H2 200 d3d3LmZpbGUtdXBsb2FkLmluLw== Show response
live.demand.supply/p4/v17-10-0/ 2 KB
885 B 98ms
98ms Script
text/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed3114fda636a5486cb8eff6148a0fa53ed1140c0f7ebe523757b507a33678d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 8020f934cded4bf5-MXP
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
397 B 484ms
85ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=814&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
age: 1536111
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f9375b144bde-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 829ms
176ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

3c35b11b926ec4313726d0b50ae1f02b2353438fa848e117dc369484e87db457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29246
x-xss-protection: 0
server: cafe
etag: 672 / 19605 / m202308310101 / config-hash: 9286762689393535273
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:36 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
630 B 483ms
84ms XHR
text/html 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGSQC59RYGZP6NQ359764
date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 961072
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8020f9375b184bde-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
281 B 544ms
236ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2886fa9ad39a19b1f1cfea02e6c590220a75861aaaaa5b932aa8c5172f96c5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8020f9375b1a4bde-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
288 B 534ms
226ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2886fa9ad39a19b1f1cfea02e6c590220a75861aaaaa5b932aa8c5172f96c5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8020f9375b1f4bde-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 file-upload.in_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 28 B
346 B 517ms
221ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9061539a0e09e75d64460f7c8ed905e446558752789c45bf19e365106c354597

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8020f9375b1c4bde-MXP
alt-svc: h3=":443"; ma=86400
content-length: 28

GET
H2 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 105ms
103ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559241
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7avqNyELosTLTKqq4NxEG8KAUK3OIzAZF%2FavX7DNPx3hB7%2BeMc2YzKxXWw%2Bj%2Brz41CTw8NiKNGmW6%2BKHUZD0rp9w1VdWvKD46EKEQugxC%2BaeEbeJkVNH6%2BLZbPKTTE1%2B08xRk%2Fv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f93769e80d55-MXP

GET
H2 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 91ms
91ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559241
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FkinNSXOBVwnD6bhssw5ehrr%2F6kdjDAwPAeH%2FGXfaVkk5qph6CVIQY0jYfnLIEQgYmaoyZf17c6ilBjm8%2BSL80ovrQQE23oHHkUJLovPG4d2MtXQGt01OMBKvcTyC6dpXBBMnJM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f93769ea0d55-MXP

GET
H2 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 78ms
78ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559241
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CrH5UqEewyKAl55JArwuIwcnlTSMRI7NnxVQo1bP8fAmVnmioCHfLyUvCuZ%2FhoREJbR2ZeVj08qNOiDNfT6w7YTSRgM5Eq78uhDIKwYsDKsfwiBgOiWZYFHDitYNPBSRtaD5WDF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8020f93769eb0d55-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 65ms
64ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ec14ef99c3ea51b04f78b88cab2a31b1f27bb6001a6c7c4773d202d9e03418db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 19:45:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 724ms
53ms Script
text/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 19:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 73
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 21:44:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 479ms
60ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je38u0&_p=200954311&cid=404109456.1693943136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693943136&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
248 B 50ms
50ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=0.129522442817688&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f938ad1d4bde-MXP

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 43ms
43ms Stylesheet
text/css 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H6RG2MPY6RXJSSCBB6XQAQ1T
date: Tue, 05 Sep 2023 19:45:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 686177
etag: W/"624a705ce1b65875ce70f98cfa74b907-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 8020f938ad104bf5-MXP
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
241 B 67ms
67ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.1945570707321167&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f938cd434bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
268 B 66ms
66ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f938cd454bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
281 B 57ms
57ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.1945570707321167&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f938dd514bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
266 B 61ms
61ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f938dd534bde-MXP

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
2 KB 128ms
128ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9e509e943fb4cb39fcbb2863c88ccefda5cb06cc7a0216d8e21efd34a5517b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H913VYFTJTMGRG2WG00C550S
date: Tue, 05 Sep 2023 19:45:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 746
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 8020f9391d984bf5-MXP
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
364 B 51ms
51ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f9391ddf4bde-MXP

GET
H2 200 file-upload.in_fluid_all_fluidallshapes Show response
live.demand.supply/cp/ 29 B
284 B 220ms
219ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2886fa9ad39a19b1f1cfea02e6c590220a75861aaaaa5b932aa8c5172f96c5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8020f9393e174bde-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 29 B
320 B 219ms
218ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2886fa9ad39a19b1f1cfea02e6c590220a75861aaaaa5b932aa8c5172f96c5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8020f9393e1a4bde-MXP
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
267 B 60ms
60ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f939df114bde-MXP

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 403 KB
127 KB 47ms
46ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3725
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129723
x-xss-protection: 0
server: cafe
etag: 14901160554504536944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 04 Sep 2024 18:43:31 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
275 B 44ms
44ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.1945570707321167&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93a7ffd4bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
269 B 69ms
68ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93a98224bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
241 B 67ms
67ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.1945570707321167&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93a98234bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
280 B 55ms
55ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:36 GMT
cf-cache-status: HIT
age: 1536112
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93ad8924bde-MXP

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 740ms
73ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 05 Sep 2023 05:08:19 GMT
Via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 52639
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: nwHSn3AKj768H9lTy8VV_oxlNV85iEs97jmMqMcxWh0GUOMU8hFAsg==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 755ms
59ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Sep 2023 19:45:37 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 433ms
53ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 13826
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Mphp7-Gp_3-OH43uA5_QDV6mWcLt0igluUDWyxpArRUiHR4IRAYRVw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
27 KB 740ms
71ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EKDNAAXZV9J66986
age: 11
x-amz-server-side-encryption: AES256
x-amz-id-2: YhTVoGxK4NJeHybmPe44PuF/7/A1hcfKenzrBCzPu/3J1ygHUNNHAsY51yaEGdF2R9h31b0N4bA=
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8020f93f7a340d57-MXP
expires: Tue, 05 Sep 2023 20:45:37 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 753ms
84ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25296
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmJhzeV5r6bj8GD9m48%2Boh271IwVVDk41vEWVSBpMQEysCuDbAoE70cpXnO%2Bl%2BiKSBgZxWulGhIEZBjKnALgPJB2meHguCEKC%2B7JQt3WP%2FjfWzFXlg4Qoaaltb0F23rCBw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8020f93f7f34525a-MXP

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 434ms
75ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6ef6ab32f9b413b36f1d1891a7bc3e53
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
922 B 786ms
785ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=1276398294563213&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136465&lmt=1693935936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D81&adks=79733870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

71ff781a6ff75e1bbe267112e5169b70e8dc1c874ff6d81f0f0f395233027d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 695
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
38 KB 615ms
614ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=2687037508498827&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbcf1b191-0990-4fe0-90e5-a2e0b1483964&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136472&lmt=1693935936&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26chrand%3Dy%26pof%3D0%26bid%3D0.06%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D81&adks=2708986379&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

3bc4c8ca1d6bf7bd4aa3bdb02de41b8c3ef0ff58e1dad65ceeb267cafd2ccc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38594
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 537ms
535ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=2045679309384883&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136481&lmt=1693935936&adxs=245&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D81&adks=2365977148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

c0e81575e16e99fc2f17fa33e591945d711d436098c696670fb99d347a6202c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10004
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 473ms
472ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=2948276700335215&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136484&lmt=1693935936&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D81&adks=554408032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

35a28e1bc01d96526e9b7700ca270e107a5cf9701cc1e3d13f180e7a279d3c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9927
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
41 KB 701ms
700ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=2320249949486167&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136486&lmt=1693935936&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D81&adks=1867359426&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

6f3aa0c6c05eab5f8e6c2c365a0a33ebd42b12f67e5e9c6b4e3875ff0167c442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41388
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 672ms
671ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=1706312267309332&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd3859ca8-d6e5-48de-9b11-eff7c2804e8e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693943136488&lmt=1693935936&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPgYS3pjFIAFICCGQSGQoKcHViY2lkLm9yZxjPgYS3pjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4GEt6YxSABSAghkEhcKCHJ0YmhvdXNlGM-BhLemMUgAUgIIZBIZCgp1aWRhcGkuY29tGM6BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D81&adks=3992249615&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e277d7fd8423fd69dbcd48bde5338fff8d5d7d5bae498a8b87bcfacf7f661353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9788
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2FF3 6 KB
3 KB 793ms
84ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 38 KB
13 KB 64ms
64ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:36:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13570
x-xss-protection: 0
server: cafe
etag: 8322348364393239614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:36:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 60ms
59ms XHR
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=200954311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=642269949&gjid=346336345&cid=404109456.1693943136&tid=UA-119779859-1&_gid=276564565.1693943137&_r=1&gtm=457e38u0&jsscut=1&z=84476872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
615 B 596ms
165ms XHR
application/json 34.246.113.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.113.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-113-219.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1614612e76aad94fdac3b2610f95cd2b4f924e786a47f71a306681cd27ab2406

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache
x-server: 10.45.1.214
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E1FC 6 KB
3 KB 314ms
91ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
293 B 56ms
56ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&pud=814&pus=c&pue=2223&pid=85&pis=c&pie=2309&ppd=100&pps=a&ppe=2323&pcl=2918&ttc=2864&tti=3752&ttif=0&lca=2323&lcak=ppe&lct=2323&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93e5db94bde-MXP

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26C4 6 KB
3 KB 254ms
91ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
363 B 55ms
55ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93ebe3c4bde-MXP

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA2B 6 KB
3 KB 165ms
84ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 55ms
55ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.06&b=2&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93f4ef34bde-MXP

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0378 6 KB
3 KB 119ms
85ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
245 B 62ms
62ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=1&r=file-upload.in_fluid_all_fluidallshapes&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93f7f454bde-MXP

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3392 6 KB
3 KB 85ms
85ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
246 B 57ms
57ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f93fcfac4bde-MXP

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 407ms
52ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file-upload.in
date: Tue, 05 Sep 2023 19:45:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7FE0 15 KB
6 KB 739ms
56ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 307745
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
270 B 74ms
74ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f94028544bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 78ms
77ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f940587d4bde-MXP

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
781 B 488ms
488ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=2914312124987269&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dfbf6dc5fdb51bf2e%3AT%3D1693943136%3ART%3D1693943136%3AS%3DALNI_MZS6-VkZo0xjJqWuro2iVelMYDzdg&gpic=UID%3D00000c9d8adb023f%3AT%3D1693943136%3ART%3D1693943136%3AS%3DALNI_MZ2deAcZxyT5N2bLkfUjiu2CbtW8g&abxe=1&dt=1693943137291&lmt=1693935937&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYz4GEt6YxSABSAghkEhkKCnB1YmNpZC5vcmcY5IeEt6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM-BhLemMUgAUgIIZBIXCghydGJob3VzZRilhYS3pjFIAFICCGoSGQoKdWlkYXBpLmNvbRjOgYS3pjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM-BhLemMUgAUgIIZA..&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D81&adks=3111070440&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

bd06651c04b630b7027b309f104577a6d8567a1f431499e14939b1acef65ad82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD57 478 B
780 B 526ms
112ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY6emt9QEwAQ&v=APEucNV-x864AmWhGkBd58rhUxWh1EWDfRHMH6EPlDqn17Ckkk2nPWtZBhEbeHMfal6KlowhrPXIvNHjBhlRftml9ZCmnGSO1Q

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Tue, 05 Sep 2023 19:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame EA2B 23 KB
9 KB 477ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 13:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 13:59:30 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/ Frame EA2B 7 KB
3 KB 502ms
74ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 14:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3069
x-xss-protection: 0
server: cafe
etag: 15211577367894686919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 14:04:04 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA2B 0
0 498ms
109ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshxR6_xOe6xI8dw19sRyCCWKc6nDUpgm1A--AlpgMnX4tGZVElm_vWtveTHo6x6InfUtXPTSLaQ3L9oqAL4iKInYnG2V6Nr3Wh0PAZwuLeO_pxqZvLPLp1EF1fqf-e6nv0kP9lqbFJT_1ogIcc_ZoyW0_yNV8bDd_kGVWNf7IBSBJ5qy9lGojEBY4hAXztAAmaUena61KJaLt_iKCbnWCYu7dAj7a1zwuY7GR7U1vu1wY5gpBL8j4kOJ-FaaK5XM6EZVl-NWUmXm9UjrutqqGzQVS0JHIEU0V7SSmYIImiXHLaYHVVAcjBLmvIO6h33rQw6f-ojkCuky9qXzj6Cwcv3ZVtWZTDt5MUU-ZbJQ1JTvkf3Ci79-1NE67KPFus7Q0YBC3wQyDkn40JtjS54oXJGaJE8c6-SQNSF6ai6Y_z8BJjQmfLNqU46ntQ3qST8e8hqvS2zuRb6isPztuC3zOexvU7vfzvMO90_71XmVcY-nyRQ4r6OYSD65ChdhbfeW44gtDPwsU6gEkh77nWQClw8nZ_91nAxoZrvnTzQ9vRMaIebd1ygvZ5j-NKYkvhZEBmWUgWYq9ZUwnWJEDoaEqHe3Ejyh_T_wFUFmSr_w8DG1T5hLxOde0WOsmxMIl6hAMMIf3sU0V3cxHlOZUq8GIf_m8SL_mTmaGVhl1QnJNS8q2zCkyvsl4FtIxHjI9J3i7s9v6n92WVQAYt1Egu1-8dFUOgesgPYZKg0l0qJyUiauX59hz4OTyb6iPC6ukbkoXuL6EQql7r56ouxuM38ESDtulM48WMRb9mCDhDSaaXW9803S2nDcpt9xXpl8Qa1SspSCms9Rg9sEvvt5jaG4D_h63BPyn5PZ9Xj41C76wIq_N2aSbi6bz4l-r2WkJsYy9VQpUztme2rHspLPgdd-Ry9cSMP--5uoh33BvwVHlDzqxqK8P3yAuk0hCN2BsmWfBa_xahL9JFCIr2ccN0TFIuMSh1ikmEIGPxBy_-PwkY4lkX-_-KDKB5qSuX8fqR7BlqBzMFXPtEMDWiukXKBtfaYOy2ZAYhTTcINfulZ8f4vJcIogJAJhUxTaFKrcvcECOSdtfjmOqpnFcYmdPXGMrAuf_rzIay4LNmeD-WPC3JvKG1UpY-335WTUx-x4G26WA4reb3tHoHeThss4OfEWctnGEsP685yVmnbevBjsrcwR3sf9Uu787n6pvom1StoqW75TkzkY3F-gPOq6Y3foTJBwOOxEhsE1D8hDHcIz6YElBjVtnNiZqbs3Doz6_qDA4AXTzo3IFGOpRe0NHLFTbaUqlJ&sai=AMfl-YSqIEMt85PjkJfYy6D-L0EZzKbPDPOnoc1CGc4gUPLXlD5U9hSxcj_8--kXiAwK93_brpuMPZRDITfFgciTLE2Ku_mv2RPGl7dLISHxuUCuay2yDIUENebzf19WnRpvz_ZTzzej_5MIddde14jlo1JmXACcmH6Z7ok1_TgucNLDJmqtg9t5QnJimSyDjm32iXBwo0GMDpffDCNwU1XIaTMqNQ_iUC738SP5eKdErM5WFa7fj9ySq0AFAv2gvxe-Mg-nvz_LcXCu0es9LZoF-HDVY_Dot35lxpSR7tTXYz0hamESYNu45Z9d5D8UXz-sVUOzpTF9TRHdJSJD8h7Fbv_SlwzTtmaRxm9g_I7DyXMDpr5-TZNj6GwSMsBVrvIwXfvDNL_bPi1IPE8AVkMgRpv-yjRyIByyYn3W1hPsUkjRlmVj6CXKkvXp3OGzwQiItY6uaCua0h7VSF_SZy__kCfcshT2YkoRRy_puIW2&sig=Cg0ArKJSzIuQajEbwe9yEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230830.77736&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EA2B 41 KB
13 KB 541ms
114ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame EA2B 3 KB
1 KB 542ms
115ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 11:29:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame EA2B 20 KB
8 KB 500ms
74ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 13:54:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA2B 42 B
107 B 604ms
181ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLKZv-cBOvkQ7viHweirdfTQKManxUJta6J2FKTO2eqOZQjbgzoGaxkGZcZzHMdnBMb1zMfhl1gH8zDTu5EE9QlQ9mrxg0v2mTyalrE-aPGOKwPzw

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA2B 181 KB
57 KB 746ms
80ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 161269294555674935
s0.2mdn.net/simgad/ Frame EA2B 78 KB
78 KB 811ms
65ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/161269294555674935?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4ql1htwGjrtzgEHZ_TbNsXp6M1T3Sw

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

0b4b42076bb7d1716d2080ea328338e0f4eb010564d9716cbe2e0a7fe8de6392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 06:55:38 GMT
x-content-type-options: nosniff
age: 46200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79809
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 15:38:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 06:55:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0A57 478 B
458 B 501ms
119ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRDDoCYYo5rM9AEwAQ&v=APEucNUP_7v-kCzGGsRGL0jHVDn0FOqQMkoOHbGSD63BM4C_983tAGFcGAvOmdfpw0zY_6ppS0iQiTUlGlhwzVo-RArzn2EbFA

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Tue, 05 Sep 2023 19:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0378 86 KB
30 KB 560ms
159ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:37 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0378 42 B
110 B 559ms
159ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYWiiABmjALPNtd5ucoHlPu47VJEeFnYy-pBMUkWAZX2Wef9yo5r2buoBFWI_6dNpzDwf-yHS5WwyHZKNXEX2mPf709AthDKuzG9XIxT6y_GoklBc

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0378 0
121 B 558ms
158ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=958705994936332367&x=1&ct=76

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 0378 3 KB
1 KB 510ms
108ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 0378 20 KB
8 KB 477ms
75ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0378 181 KB
57 KB 761ms
118ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 21D1 478 B
457 B 494ms
118ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCKvpz4AxjHuNX0ATAB&v=APEucNWsY4RSOYhsKlhXj0OTwVcEgV-OHwvOk_CpcKPcxU7Me4k0aLYiuWMwkrCHy7zB-08rsDAm1nfY4VDps3PQ7XGBGAdZgQ

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Tue, 05 Sep 2023 19:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 26C4 86 KB
30 KB 668ms
272ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:37 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C4 42 B
107 B 555ms
160ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQZQevW0yk5gVNgU4LVXUmSgkmd5RnJMsquCCW6W_EX_QwmNvmvSjudZevUIUksPrS-WxiwyqpLvUaM8PCXGCoBFjTJTgn2r6B2Jjp_I7XwSA0M-s

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C4 0
56 B 553ms
158ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2240196352323438784&x=1&ct=119

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 26C4 27 KB
10 KB 661ms
218ms Script
text/javascript 52.85.49.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=&c=1693943136563489&js=pmw0&w=750&h=200&admarker=dynamic

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.49.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-49-9.hel50.r.cloudfront.net

Software

nginx /

Resource Hash

564ee8f070c8bbdac37d24c3da234d443f0dcc5e6dfbc3709b2046fc71c9ba3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 add50c826a69b24be8ba05da744b9204.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: HEL50-C2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: ZsWw37aBNNb9ajXf3JZKQ-jKKSpMhchNVfiRoHDzigWC1KVgW2_TFQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dbm
beacon.sojern.com/imp/ Frame 26C4 42 B
229 B 497ms
76ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dbm?auc=ABAjH0jLE5ACbH6h5QAh4csDyRKu&li=20498225648&cr=513104967&io=1013627480&seg=&src=https://www.file-upload.in/&ord=1693943136563489
Requested by: Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 05 Sep 2023 19:45:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 26C4 3 KB
1 KB 504ms
108ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 26C4 20 KB
8 KB 499ms
102ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26C4 181 KB
57 KB 764ms
127ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5286 478 B
459 B 493ms
119ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXyPo1q9nMdyiQ8HUOqFUgKUeCY24pvTkLhz8cY3LqDH6vP6MfTc-ijq_tbgwN_rlOk85UVoiQyWVWt9NOJ_nYJnyBxWg

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Tue, 05 Sep 2023 19:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E1FC 86 KB
30 KB 666ms
273ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:37 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1FC 42 B
107 B 573ms
180ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7Dudx9EhwVS4poK8DhUOsz4Br6-E6FISm-FKVUsL6srwogQos46FlsAk0g7AGo5BxwKa2qaK_V8hrGEJuqXAG8b-8M0USOXWMMe8_P-Thyatftmo

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1FC 0
56 B 569ms
176ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11816228503121570832&x=1&ct=119

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame E1FC 3 KB
1 KB 506ms
112ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame E1FC 20 KB
8 KB 497ms
103ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1FC 181 KB
57 KB 774ms
140ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 275D 478 B
460 B 491ms
120ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBDawqYCGMCw6u8BMAE&v=APEucNUmMy4KxiPvDgbLXQzy5q2akXDhmCmTJIBOGz_xVisCi7gAAO2hmjw8QDSSkRKkmCOrZH2u29pIa0MbSvAebSLU8_KUkg

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Tue, 05 Sep 2023 19:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 3392 23 KB
9 KB 458ms
74ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:56:29 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/ Frame 3392 7 KB
3 KB 456ms
72ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3069
x-xss-protection: 0
server: cafe
etag: 15211577367894686919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:19:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3392 0
0 454ms
110ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYcuAZqBH_vSTXcJkfcfnBtm92HYU4ptfkzAL7LcoOcO39JxKYE_AKKCPuOrk8PhB8n2riS58ekpFZFRMbxrx-srSCl3fhIrw8AfF2h4snuaKQ0IDoVoFFSZ5vvZ2EZUuRdNLhr0YV-iO1eW3dUuaBUFGTVFgAUA2yWrgTGOcDr2pGOPq-UGKo1vhG7kwvGOM_ksVm9RRPPvKS_2OEsgTuUUSNF4l1llCqCo1NPX7EMx5omCM2GktsnOhX1yUX6tYqbrnAK0CX0CvTP8RmXfyRJMbty7p_jLEBDG867LdVfcIhJpuPq0r2hisa2xMA4vH99LBLVQoTAS8nuAo-xbMHw4ZMAiBfoQdNJmZGwLq50WhNoCE1w7DW9E9X0sXj9G0styxjgLgWxICJcMz8FfhtBTcLuvM-OMxlf7ZTY2i8gOLTpugP-Esk3n_lVb8BSopCtsJZ6fEe2uY403DEPYCrD2xd_kV0WBT2kNTe7y2nq98Jbjqqf05CyS1ialfnGjRasHMPOesCeZgbyuS4JzZF1xyvEUQzw7dxxlgzMUnnuDXwv-OHq5Z_Ih467rkZARsPJ_DNJnQRYWTvw5axRotKNAFPu2BGxa9mWy88wAV9_qWY9E8Oy9Z31kXBOBPqXBNjTZKin33rcz48pZGneRdZ2KZ6LCDdWZGHrkvzsEPtkNspKPn91nr8FV1pGI-Yh4oOucorEMMSvLoXjRUjQM6yRM-HFr-uqwtBApRhqIVn27QzmZTNfDPdqCrkaR1cda5Cqy1phhuv15G1j-yPGs9llbSaZCCkYKfqEynW0__0Qh1cActSBpyQX1kvjkn8zClruuDAH2UHBf58BalT9grR9ojNR4KHL46wr59GGI4S_98yxDneXVOP2FbrzcXOGzp32iSiMpRer6xGZvAro-l7VR9TjsGzYT1jTgt6JyWyDV9nGWF49MgDWkyYH8cRJ9dxjBjUnsvVY5gTfaOy8rXwyxePsP7Zn7GawWPoUklTt82PU2NGRmJ-SUsPQ8tcFEVxKmHDOlJLTpluhamMJodyjxklNWhkVWNqBbxnZegthr0zB_y1L3kGXAo6D99mUrccgOsIf8NS0zZaIdA0soa15fg_ampVswMzUDr6iS1yc5VsTJJDii_ONDvhrCekynya4mCpjQD5nB2aCVwnIw1wFOS8lc-TS2DaUbSu6QNZDaF62sTXYT5Dzf1Jcll75Hzk5Hcwa9QHLVqYmecbbFqVVxPlkOb5yKG3AbUBNc8qwfwYc9uK1sdoejShFqA_WV9q1a5wJ2Xxc0q6it25jjcXYHFw0g&sai=AMfl-YQA4KHtvRaLIhILZbmv6816lcSmQUJhuJP-Ytl50SbioISh3QA9GO6uO2-sMqd739PQgQPO5JXWRxN9dGFNCI4Salmm4jDyKHixoVYW-fcFQBJJxMP8oMx_VbUpxWUGS1c9IpLMWUISMbrfDANAZR3pOlKTnNvc9TmcEvbF9YHhp8bUXaZ-84GeI8lNK8r-x2ixsVT5IQeCQ_o1le36YAsEBEQo1Mxsg4M_WnF-te-9lV6Dj9wAMA1IHR1psbWVNRKuingyvm3_seVJ7kwOECVR_RAgHzP_Cy9SghhAe1KhkuqLhSlsdtrcl7Qqi20brJSV_8EqDML6JdivCHanMLCyPXCWpT7KC0-Yqq9hQtM-VMUQpMJqba0Z3_IAeNgIDNBaOnzGj5H6ZDrCmr9f3OLli0gSbQWGg7zm8TQfyxGLZVMQ2JEg5CmoAFNW_9MYUFfuieLEK6uaKo2EIsQhl4lYe95s9LagOg&sig=Cg0ArKJSzOhpfa_7WxW9EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230831.54767&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3392 41 KB
14 KB 497ms
113ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 3392 3 KB
1 KB 495ms
113ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 3392 20 KB
8 KB 488ms
106ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3392 42 B
107 B 560ms
181ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CF2Xw9Gmxq40SSsn8Y6kXe6uxLJlDQIzNldssFZ4RDYmk9-HWKdhAqqTsRBsVhaKOOURku_CJC6q4Rmu-hHq8Lb1gyy-opNxU17kTmRxehCDHtj4o

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3392 181 KB
57 KB 777ms
155ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 15673552643533456082
s0.2mdn.net/simgad/ Frame 3392 115 KB
115 KB 785ms
83ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15673552643533456082

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

f8d3bc1fff37d1e9c26b9e523d2cd650fc21713adc5c5c3b7a6cadd4ead3ef5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 10:55:22 GMT
x-content-type-options: nosniff
age: 550216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117678
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 14:59:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Aug 2024 10:55:22 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
245 B 72ms
71ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f9436ce14bde-MXP

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
243 B 69ms
68ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:37 GMT
cf-cache-status: HIT
age: 1536113
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f9436ce74bde-MXP

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 169 KB
49 KB 409ms
407ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659213895091741&correlator=865718856582207&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cc80319cf-2567-4473-aa70-ede725041f47&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dfbf6dc5fdb51bf2e%3AT%3D1693943136%3ART%3D1693943136%3AS%3DALNI_MZS6-VkZo0xjJqWuro2iVelMYDzdg&gpic=UID%3D00000c9d8adb023f%3AT%3D1693943136%3ART%3D1693943136%3AS%3DALNI_MZ2deAcZxyT5N2bLkfUjiu2CbtW8g&abxe=1&dt=1693943137805&lmt=1693935937&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=404109456.1693943136&ga_sid=1693943136&ga_hid=200954311&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj_iYS3pjFIABIZCgpwdWJjaWQub3JnGOSHhLemMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjPgYS3pjFIAFICCGQSFwoIcnRiaG91c2UYpYWEt6YxSABSAghqEhkKCnVpZGFwaS5jb20YzoGEt6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiEi4S3pjFIAFICCGo.&dlt=1693943134629&idt=1796&prev_scp=ti%3D1eda2ecd-c902-4ab3-baa9-7ae91bb24c33%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D81&adks=3607019325&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

d2de6618f4495e59a8fad069c2714e335eab5ae7ce1286d38da92c54f60801ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50474
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BD57 170 B
232 B 796ms
83ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY6emt9QEwAQ&v=APEucNV-x864AmWhGkBd58rhUxWh1EWDfRHMH6EPlDqn17Ckkk2nPWtZBhEbeHMfal6KlowhrPXIvNHjBhlRftml9ZCmnGSO1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

299ms
52ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY6emt9QEwAQ&v=APEucNV-x864AmWhGkBd58rhUxWh1EWDfRHMH6EPlDqn17Ckkk2nPWtZBhEbeHMfal6KlowhrPXIvNHjBhlRftml9ZCmnGSO1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD57
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

57ms
56ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY6emt9QEwAQ&v=APEucNV-x864AmWhGkBd58rhUxWh1EWDfRHMH6EPlDqn17Ckkk2nPWtZBhEbeHMfal6KlowhrPXIvNHjBhlRftml9ZCmnGSO1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 21D1 170 B
409 B 782ms
79ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCKvpz4AxjHuNX0ATAB&v=APEucNWsY4RSOYhsKlhXj0OTwVcEgV-OHwvOk_CpcKPcxU7Me4k0aLYiuWMwkrCHy7zB-08rsDAm1nfY4VDps3PQ7XGBGAdZgQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 21D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

349ms
82ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCKvpz4AxjHuNX0ATAB&v=APEucNWsY4RSOYhsKlhXj0OTwVcEgV-OHwvOk_CpcKPcxU7Me4k0aLYiuWMwkrCHy7zB-08rsDAm1nfY4VDps3PQ7XGBGAdZgQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 21D1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

54ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCKvpz4AxjHuNX0ATAB&v=APEucNWsY4RSOYhsKlhXj0OTwVcEgV-OHwvOk_CpcKPcxU7Me4k0aLYiuWMwkrCHy7zB-08rsDAm1nfY4VDps3PQ7XGBGAdZgQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0A57 170 B
232 B 787ms
84ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRDDoCYYo5rM9AEwAQ&v=APEucNUP_7v-kCzGGsRGL0jHVDn0FOqQMkoOHbGSD63BM4C_983tAGFcGAvOmdfpw0zY_6ppS0iQiTUlGlhwzVo-RArzn2EbFA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0A57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

297ms
51ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRDDoCYYo5rM9AEwAQ&v=APEucNUP_7v-kCzGGsRGL0jHVDn0FOqQMkoOHbGSD63BM4C_983tAGFcGAvOmdfpw0zY_6ppS0iQiTUlGlhwzVo-RArzn2EbFA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0A57
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fPAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

54ms
53ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRDDoCYYo5rM9AEwAQ&v=APEucNUP_7v-kCzGGsRGL0jHVDn0FOqQMkoOHbGSD63BM4C_983tAGFcGAvOmdfpw0zY_6ppS0iQiTUlGlhwzVo-RArzn2EbFA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5286 170 B
232 B 781ms
84ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXyPo1q9nMdyiQ8HUOqFUgKUeCY24pvTkLhz8cY3LqDH6vP6MfTc-ijq_tbgwN_rlOk85UVoiQyWVWt9NOJ_nYJnyBxWg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5286
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

256ms
85ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXyPo1q9nMdyiQ8HUOqFUgKUeCY24pvTkLhz8cY3LqDH6vP6MfTc-ijq_tbgwN_rlOk85UVoiQyWVWt9NOJ_nYJnyBxWg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5286
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

51ms
50ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CILWQhDu7s2XAxjz_bPjATAB&v=APEucNXyPo1q9nMdyiQ8HUOqFUgKUeCY24pvTkLhz8cY3LqDH6vP6MfTc-ijq_tbgwN_rlOk85UVoiQyWVWt9NOJ_nYJnyBxWg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EA2B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98831875cc43dd3c92e17cec63f8f366ef630751fdf7366061572cd53a8dab8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AF4B 22 KB
8 KB 55ms
49ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CAE 22 KB
8 KB 52ms
51ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 275D 170 B
232 B 762ms
85ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBDawqYCGMCw6u8BMAE&v=APEucNUmMy4KxiPvDgbLXQzy5q2akXDhmCmTJIBOGz_xVisCi7gAAO2hmjw8QDSSkRKkmCOrZH2u29pIa0MbSvAebSLU8_KUkg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 275D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

292ms
45ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBDawqYCGMCw6u8BMAE&v=APEucNUmMy4KxiPvDgbLXQzy5q2akXDhmCmTJIBOGz_xVisCi7gAAO2hmjw8QDSSkRKkmCOrZH2u29pIa0MbSvAebSLU8_KUkg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 275D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPeFYgM7Lsf-3eaYCH0fOgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1

43 B
632 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzpFBDawqYCGMCw6u8BMAE&v=APEucNUmMy4KxiPvDgbLXQzy5q2akXDhmCmTJIBOGz_xVisCi7gAAO2hmjw8QDSSkRKkmCOrZH2u29pIa0MbSvAebSLU8_KUkg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHRBWrO227L3fd8ogOd4iIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3392 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88ba1044662a909bdc9ad0de908ad0c242d0fbd87e8228ad4a70574375d2b97d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0378 0
56 B 156ms
156ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1026485793292&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0378 0
56 B 173ms
172ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1026485793292&version=m202307240101&ct=76&x=1&cor=958705994936332400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0378 93 KB
38 KB 98ms
97ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw2bmiMpDPLNm6hzi94h9JzpZT1yE9YxcxT-W8l8Lb3mSC4AfiL1UXQrwljVz1g-K5porgNlp8oS594DHILzmXAY3UVtsa6qF4wTvu0onU86u_h4g&cry=1&dbm_d=AKAmf-CWfxTbxqqTUb8pfU18g_AjtPWo-1MwjH3rFI8xYi4bvZqtHtgi-n9btkUgWIyVxYd0Z0ZkEgoiglLItji-ITdFV9sDm1I-_8Wo_P3BzHJJ-on6gUVFa6igbPetuLtV2__7k4ETtrBxx8afZ-Qc6wjJI8XC2bEYY-chJ3Dj_w6bUv6ICtwqv_rBDvfYdZa_CPSX7ceEd07rc6zjWpxD3MsTp_PTpPBYBhyCbltv-2VyE5e8_9YWzlaq-YAPmpmscWiIWxo-mEQmA9anKhLTTisziks-rNS25icUhsBGd_TOmassdvDxEbUc1EKLUKV94VDRiHS2bpYXGECYPMh8Sno3zVZbDLd6MaE_Sa4KndaoDgXj0ohxiRvDW4EbYvFW2NJ89vPQFWIPXtCN9ICHLSWvkz2autH6RrZ8RYdigMibF9_OKBGa9AlJt8rpEX2fxQ58eHE-Y-7KLhLx9RaBCez0r59ajCDx2Cmjz3CcM0kaUt_8ziGm8POzJhiYzDer4axOEvFpZfi0XIqCmecupz7T_gIn3M6ldyDVtxIP8UwQjkVeCGxY-7TLA8Ay-OMn7RSDZGDdfd4_oT4te40dqJwmi1xSrJJybloTUptP5LSSwuiGix-wI5IrNTe1DdExfTYI8HUAJagZP3YseBSzIq-58I74qPZaS6KEvNqLKgm7fsGqh5LXueLgGlTRM1f3igryTxtZ0wdCnuTcHE9Xe5Qu-rp_sWFIQW4zM29cPtUGGU2deXnr3fqc6QGwWmB-nCqG_p25wS-4ZZsor69dDXysdG5gTPI3hh-JzvgNoiaU4g1iivZUSacMNlS7-sGkBmjI-vBsnsF99S56okhN7y6o7pA5gCkOOOUIDtIWcDceuBNMumoJu6NBBMLShH2NRbmW5qpdub72D-baZ0g0JQ2RLzQk_WZ6oJ61nSHH61P3TUT2au4xlVUXaGaTgp1lAl72b92HtD0ObHBnirGXLJ07rzv9T7Zc8h1KzW6zkzNTsvfts-nVtzvU6vC5MR3Oin3fmJ5wW3_VnSBDC3n_MBvTZJejDI7XBUz4VqtwW5YlNNsMDNciIG_DoyZhc7S287__rFJm62JeCLxsG8O8EfI4k7hnxbuD3aSfCAbAublzciPybctQUZFGvo63rm1FEjl_cDrur0_odSCr2OD3F5H2zCsa9hNAv2Rgz_V0CU75u2El5bdH9lz_JxUyzXgdIbaQ2RlnlCsuyxCQuyBIChzAyfmb1u8IcsxMVrPTvkozogvVH2-csx0G9hxVirHKf9mk2IkypbJH42F5vTujlKSJe9SHbj-KXMnYaLLweIRdWXXnSJT2Ucs8Vhq24CVyQ-xxxrEPftEsnpj8Z8HmxzdxhxOOemOlppFMiWdHj3YFMgYbLEDhynsVOgtAD0FWJ5dSt2SHjAieW1zl2pgCLMqqGDRoCh7Td9g457YiH_7RNSS5Kw8RHvjZJP53n1G-2gix_DINHJtRX-OOj6qfsL1zhpLFHnllC9clGpJAArY6y6ymPsxTB-DXhLvFP9mlUX28AXJ5qpZG3nQEZg48HNUuYFcvb09tN6Gaojhm_VVuMHObBdWsxvaHdUAl3HG8KPGmn032Abw5NieFdsTppmi741v3upXYWX7wHPCb8Bv5LeoLJ9zzqrU90VIsjZ30srSGk7JFP14bWtGpjPk4xzOWVqOwaX2uft9DPb0YM2FmyM1BJ8uuXZZ4NcoT1dJKENSWDnK5qpDmw94PRDykG5EarTqR-AiQH6gajbc1WusFnJVifixe1z5wIdyF_lemFjuHrRJLdxDJ60eV0cCLynbdrSIKOUUq4YCy5aL-CEtPuzQjNCThVHLSdhgHNBb_C5UEbEJj7MAn2PnHSsgmnDM8gnrp6dKFVjBSrFRKzbKO8U800ROXgICGEhrAub58WxBhnzyIAxdDAz-efzo8OK2nHDBXyFcy03TauZy_ufTrnlgONntRN-vBr4SRMhSqTcWkawerCm-yn5Jjkpjk23QGSBZ4u2O79XcN5kwJKT_rCpSzY1euvzbK4o3OPi79KkDNMjIau2Co2zgknTOAdV7BPrHPxUn-r0Da7oQfnRNWBC4BBLMSegSCurXARGeZQs1MdWEhhCofwpY4EhSqQfENE5QO_EJyFIx1FQt0odGg4BQGZwLHbfW1X8Gn7D616SNjD6VFey2pCywho2xlog9l3IY6ETl0DamWp9HU9O93Y5jawOe99g3TNfRpOk5mvtQCWSN1B_jnRUFwimCRpwIjvVtuNDc_hcUrf1nvijgjQc4LytE65uvrNJgj-renXjO5tSeSGZLTmGK01PzjT3VuEJ9PhDml__4aKgb6sep0NaTLpWTkXzRC3APKltEuxfDonF4amwUKiHs3SBD470B1bAjW_y7TZbbuiVbC52Wo18gB1TFF67ihN92rSzhnl-49YOvxbRxW2QAby7hmLc-Cv_Pg0z4GkdIEuWEo7_czQMRprcFmk2pYk3BS_5foBg5k2bI_FArUmJfpyybeuLOSrlQJd_9w_j8bjTBZ85gjFYpnpNs4NVXtqDnKorY9ccvU5WArdJRAsOFwIv0cuOR6-pOsFiceFhO5kWwUaKZCQevs5XwVexpCJS1uxFiND98NPa1wC7J3MNzSO0tpSo8RyAiAWWwSBRaQm47WlXFBFKJjYlHxFObsIPrzsAlccdSYTwy8-g3rtu7SEf7gbVn0ABhPxJdXXauXFQPrUbZyc8vfaqBNYy5sBPYlHdmNwCSnOU9ZaqEvNd78hq_R40hbYji_IlF2xGmpm2AhctPz8i7sbPVlehFg-8Lpi1Ff0M20iyewA4NRx6fMq0_p7kCi6UUVgp0pEBJq6-OlQO257BmPNrPrHLn6Kvqpd-5gT8qHHYLn54C3mENJzUttl8Sff8e-2COKYz0Bzk3xnKHx7Su7TaSY9lN-0njRCY-3CdLZdjkXCNQy6Vi2gdq5hT-ChWyqUj0CorbP6Y_A-S4wE68orfsDP4MLF8eORKgG0LSmWKV9Zfjd8QJNKMsQHaHmy-silAhjiw6fH9pShv31jytUby1QhG8fQss0NSOw7jTeb1yu69uAGOXutddPYDEWx9T-T1LKJzunVwFQQP_XesrjtWDbSnRBM_8JcOHDFkMNHosdyNIZIlcmafKblWFi9bw7N7EtEomag6XK5s2FdprsYzuQi_Bc40Fi-vn0fjbsuNSjIu_7n9lARhDrZC5oJA_ovd8qTfc54F0hTIFh6V2xf22BvWh3OsKFUVjn_zDeGx8n8lyQRoYuJU1vmeEo3_uZFr_THTbALEHAxYlRwJukN9AGXMrgVjRhP6khPcFgMDRIZXQz-Vg_0FQk6D-tjrFQKBJDOIwTvAoXMSyMt4yDV1tHRffhsDtnYoD1FzzzKM5Ck8RwfTKfYDyi4QZ5ZdhmOn9B_kGxZGJhpzbiiGEGwNtnU6jbcRYXsewL0tlVjQtCCR5c3d7z6OQKDEcrzjmFMQNO_Cpdev4GKvqFyv4tfS12f37XwU8TOt3siN5-H-paVRe_7i3dDG171W9hkKIibTwTQwz7NMGZVwWKP3qvm7EnlhpIBR_4ZDGySS3w330mgbST4E0mu9dtm4Pvjdw0qk5D4S_5C8-hchAKeUUwi75z0zULmz9MGWsMPhzN9FqIqx-mupaUR2gje7VZG1YaxA&cid=CAQSTABpAlJWAZHZHSQNrI_m51sIrGXRUkUsl4aCNe6HgiZLRMnmWg9SeLkKmYACHJ2xXBtWGyGTVwzwpxiwlIO2LEe6cDdyrs4W1V-Bu3sYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=958705994936332400&adk=1964084972&idt=578&cac=0&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

216af33db51fa31fc6844f74b902d99a82889b8135fa152802dadfcdb85a4abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38555
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7FE0 425 B
555 B 65ms
64ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

761972dada028edd530d252ca1605556c7835eaa20bf691705e30f6c1ed1a3dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1599051
expires: 0

GET
H2 200 cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js Show response
pagead2.googlesyndication.com/bg/ Frame AF4B 38 KB
15 KB 46ms
46ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 14:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14792
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 14:28:41 GMT

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CAE 38 KB
15 KB 63ms
62ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C4 0
56 B 163ms
160ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7727210921177&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C4 0
56 B 161ms
159ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7727210921177&version=m202307240101&ct=119&x=1&cor=2240196352323438800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 26C4 89 KB
37 KB 94ms
93ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4Cb63cuNmd3IiFEvj9YFrt_59i2f2_IhOP84ByVJARaTQV38mXZFaOHCR4RNjE68Adit1TxTrJ6kAljKOhaKL4t_sYa5z0D9w91nQh0zdBk-mMjuPg7aeKhkqbe-3N3ElDFiizgn4XEEL2v-JkjZrGdgcVdp0GDecxbFRC1uwRP1hhGNfzkD5nOV-6CgfMwWcfUpn&cry=1&dbm_d=AKAmf-AjlYZsvt-MrskQ7srr9Ojuh4df29mq3t9QmnSNxvGPxEHi2ceCz9R-GHbQ9PNvyjN5P9iuuUeoKSOjpn0JptX6ZQMze5OId1GB-G42Q89bhBgaPErep--01c2lJ9BbaYppyMab0wPsr8GIZSmnS-z51TS_T2N-PilFAw-FD7NbPybCFjD_zMTDglx0CN28S8wquJYHQIec7hujRSVBJB3bZ3sePmowpRPSud7B6-mE0M5r59mUU-DNQgfqJ4505XEADDIiPzrX7n89B30MWI882q9KeJqjjdfQ00MsPEe9HLsa8fQLz5cnE5wM_gsx460q73zlTpvb2xs9MVXRqFln8qK1QBgaQsXG4YrEUHxECyde2iSnCVLSs821xZYAvJQHQVCh1XQ_xHDfaUTnOX7M_JDBzL5is0nC88Vhsq-kN6x23d6FlvWzuI3JCxyY9URmmEoeMTDjxXj7VvEVeWlBoEGptqW3f8GovFm3KN3j4ujzHYTGHzLWsyBC5X3curjtqaWYwAtCnMPpZWCjWH2hdRRMSE4uhpxDTfVkpSgY3GlOSQqg8SrM9g4yqsMNn0lCsBMMRkHOj1k3PklDbgH_BnHUtJaVAXe57_h7StdGyEBb5ueE6P0ns9R3l0KluNfYXPhtjIUba0puSGs5nCxXmx8Vw7V905btzb1kXk2SvtAwihbpfTr0Noz7ztIHfwSS4OvUSx2b7QgRIVtf-ydtrK4TekP97pxZP0E1k9gA9dZSHB355Xul1HfBPXph_18RbkVlKwTdk0pYenSRoyq2rw7Vn0NYSyCu2lha-QYqGqTDEVG5dnV-9_-cVON-aGA5ljc_AuY5TlHtnPEr2glh8niUO8CsjzPOi2xLtc1nAA613Oxl0lWgrYdawoWQwhl2FckXjmzrhmic4bUMZ6Y6Z6dZ9fjaUlL3nwtOXplPS9-qW8DC0oqnWjLVDoye1hRZN8eljChyApSfJNLYuBn59m34MeFcyDg9nKRzGsNpRMoB_6reBE83J-JRDCNSL4fnGqSsdMYwKLVLAPJWvK_gN3HqtCzFTKPy0X2TmvKnHV2VDudt2FY8OtrLVXkSPZpcnJHIQHk--mawAU5zQupz_zYL5TdxWRNIKM8wmuFf31L7Ut8d33bqBht4RIpK1hQi59p0EvsWGqmmT2dljFPEHbi7t677ObuWwaHJp4nj5K6ICTXAiTiHblo3wqFVz-XYeefsR1bPnvMQ-XRwfCLzTpXKG_IbP1pFbnreSFK8l4Z5KTV6kk5hJDHZ-IWya1Wq2jD1ApdFglSyEHA9ArUDzh8oW3hYvJ5yAd3haMdJdgkORVFuoylK9eJF0AqaG9RvqdFTr9qxl4WCxA6YRity5afxS8EB5gdI2jrTYCEX1n89Rg3ppVqHnMuwxmSPJgsuNtAU5P9lvUc073a_V1LzSafjdNBIQvbqNLtQ-cQiLMmi_FlavtKnNkd9MSbB0-3CIP51Z6pZjWc27BFPOzBcGhhvoG8UefW_rUv6YcTQ10tBhg1brhcjRhdNNDf307wSnreaDpdE6hut0R8i_zUdfbGzofeGUqH_OXPyFBfdDs7Ma8FRMeJzgo-PGBDweiR1aZjtcKzAEtkPQepRS5SboMSJ9ElVuZJ8swzZQ36cPxM6m6sJ5xBV0NaSv_fcYEhxdSKRaOp1M7r5UrsvmmJRItl05Ck3Wln8_Plw85l-saxvRh8ztdBGQclxCn6YuX1uOgo_m9LFi33aSLFmkai1nobuy1gigvuBZ4YJ25F3C7WBu1Cl64E57NznKw7uPiHiWRI5BUjv13u-xlwiPhW7IXmSbGfU3yvd-ItH4LqJeuv4GX5i2DJ3AzV4qdQU7N4vyTA8YMbjXTLNckl8x0b9lQxcwiWJ3iyfTrj_pnFdCVrguh4mzyEk7uo0meFIY5n2OFuhkb5v6iNzm5aRf7Ru6xMhtEXPdMA4WW2mZWN1gzwCD_QomsNKbv3TDNR2hymBsEbz-jhvb_blyFZs5zyiZcNO6HwrS9rfubMo9byu-vF3MPfKZsj4nyXduwAWF0vbxGRpJOHc33GeDe7A4Zsso7qY6SEwD76k7aN6qtAqv3Ta8CLns648HHKh0tkCzY7IijgOdeIggqCa3o1VWtLkxw6zBLMQqb3BT9jI8CJ5XvrvL0ftNR-GSZeWAj6aCyFVegWQAquRl9t_GU9FQWbHoLTh3YRpiLLdLyuLAvD2mzNoR-E1VxPcU5Sqv_K42mc2NLyWKg6vuUtcPaIIyFkZFpfCPMvlPhGZsL7QS3pq9zpIsyMe4ovRRiw6zikDCiKPeLlkbzc6-GevrrwS3QOg5YEh-JzEHw5OFpPiNNyVyd8Ry0e9Z1YRGzzGc3dtaorrcfE-fffO6JbA07UxJrioyHbEL8irvp3xOtpOVHGts5V5vHHDJLv5HCUnHTM8xc2jHuv4TB9bN65oQLOHZpN_F_TCt5hvnbwp9VWOWXMDNVGTNHQqOQaSzNxlFM42wnz8EYEAiB5D6s4mUkM2-zhSB3C8_ohAzyjLr8k8Yw8IfQ9FRmbq80ubSlOUCXQFjPGTc1VznfEemIIoz36ylZg1BFZ9Ukoc8S_lIeRiVPO4g1YwTVrCTYowxfZQ5kHP8s1v6nK3oj926D87CZrsYRKSFOrGTIgGMQA_N9hAtvMWpcIvM7vSKV1uACcmc703z_PuWK-9CGH3vyx22r2lK3y21k-rlInWr6JqX4uFlVPC7Lc3B90GVgSfpFIgzX-ePrLF3Ho9VDeSyesW5NIKyeanAa0rxkhWN1f6k7jRXtvQM9f3Geka5EDcGobjTmHNVdqxf_ZwRnY5btSgTuLY4JqYZB3SbDZwvNh5f7UjreA8dxmWCsm_2Y-bWVB2JgNq6f9yTihtXQ2D9CjHp67GaZBVwtMQFoXE8m6LK9EpesBDqIe2s8eUPss5zOlNGtehr0rdgey7eV8cG4LPybgDsgRBHWQmh78riiSk6jd1c7acIFpyG2-MQmo0JVigonlc7KvhDKFw0l3YT3uPfG_OQ42VsRyPPMPy90QKKWPy1h-4xJGmEnEMOAK5V-BJyDH0A1sd1uVDYFWG0xbsmzaH6H0Bf8JWGhj_yFHYPiPRsHoJUbqLzweCGS7o9vytDJZQl7IGFmK5bWXyUU_d-mkLGQ9PdrTQaTVt9THgcBEsb-FB1rfN5TY5vTyii5k46SC2RoBZO0y89Junt6vacmicfAS5mNx4q93HaXwyMpljrmLrHn1eCk4X1ry1RwmuQJ8wZyd-ASh0Iw0P0PiwVyWbP5GRbAMPFL-VgXVgajCh1eY-7Vmq7vKiZNzpkBpsa_9hXSLJ10ys1Zd4nYCLJabmCMTTc4UoGKF3zCF8xyrdAdL-LKzL7k517ieE5QTW5olEP4Z5ACWdA4Zta560UPHKgQWlNpRBEQ3Ju05Na-91BUHF1ThvoKVcyOu99U_1FFJ9w9ZCljrqsoimsUJVYl6k-0SZpqjw6VjeOvd7DLVM61gjIZLDQWyivPIdZIN7ISRUGxurTtnrab3vuurNZBuWaGwwm7tD6ykLwgPu45Muh-r5yPm97qU&cid=CAQSSwBpAlJW2uQ_zT4Mtac_KurT_3TPgsxHbkPIl4MjzMnR3U3bKk-2WgCiqiWteIJKUsWbAwR0fO_667flQ1RooYSYPNewx4z4h1NX8RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2240196352323438800&adk=2923430907&idt=670&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6b363e382198fc67607289876c7aa717e0d7a8e018abd5437e45238a56151c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37847
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1FC 0
56 B 168ms
167ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4531697479974&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1FC 0
56 B 168ms
168ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4531697479974&version=m202307240101&ct=119&x=1&cor=11816228503121572000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E1FC 89 KB
37 KB 110ms
110ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARcduZLC31EbGnIPwZ6NLJNuboYoK-1ZwYc2gzIUmccihRTQpyRVlx4KEh67PWouMwHlhqwR2ubl-vvyUKYPWDc64NZY-gel8VUCWTq1er7Qida7oyd3h2Z34FEVlccuUjfKC7ABD-ZtJeE0dXLsN7L_OxWfiw39M336wqpvDw3jDkppf6r2zJFcuLeGC9P-ZUgfO3&cry=1&dbm_d=AKAmf-Bc-ZWYQ_V3vwamPc7aYbw0DSD7qztRtU_lxMTtGyj0qiumQitVZyBTeoVZQVlnWU4afeQ6GvgePQjHfikkSoF13WeCWEkskffznE5LvvoIi68bIlyxguR747csEDBLQE-1PVwDTQOVikXhr5JVXGzfkonPzCbKeBbT4fD_tNVdFytHV0sGR7_ProSQ-LXLYGA1nruDZ6_wDMa_9lehgVUtM3hLy8UVkOGR7Gnq9nmeRO_6F99lWOp4zOq00NwNndUo48qr5URt-A811pE9qNPA1bR9zRImo8B7S-Hr4vxRcQ5FIIIia4BnEtuSUkVvKdGv2YAMFdpDSlFLdV00QsMG2jEI5qSzMmRaR1LVK_qjBBv88KKTLEW373FZvbU_EiRc14y3wU2d-x6KUsC7YEWs8QSL4W1JM2ztNBahxMXnkjXAT8prEMKMas_RxVtGP0QSh6aFNy6t4HGC6LGWB_rBL3It7Y1pClRlTgKYBpF7GNB1VQBDHLlK_i6Co4uMacAjj3Y96SX-FKhWEGLew2Wghtl4jDNrhUsL8RK_oy1H4uOTTXrpP4H4M1tDXxzUODTGFPXLBAMEeBs6KhUMSKcR-A8tqpaCWCoIbXpPRTG_nEQ_VOIP8IXqnWCJObnJ5ih-UN0LMKrViBewTbuvC-GPBO5NJbKwhW3Tqcvk2GPkZOY-_HzhhBxP34hMQXdWrhNb0AlUq5XHiAM6_PP0zWt-1gzBMsDOjsD3ls5shk9S6kD0_vYQTUp00IyvPvC0d3XVlN5-1TRZcjbnJo9xWLW-8y4oK8A4kBAiKL30GRT0BCkpDbk1FRJjhBJzqdaNJcYOgTYRnOBP3WH6-DG2b643SK3Fw6q1rLKVY9RjC6tlShl4Ry-W-0uczBwDM458369zgyLlxXBn0Rb--8FQL2DaYeQ_JhjG3juZhfvA5vKi4YENAVZXxbnbrTkeXkQKkeg4zVIOfyJ6Ai9G6q2ccVk7Zw24C5XWYB9U2onlKmA0LKKPSutpVIlkik3Q4X-Am2YQNkGm32KdxI_Mmuzk5yC6ALImiCZPX0RZ79rtga7mHDgZ5aOKwH1ZeMU0tDjMS_fxOxNyYkNsqVXgqcC1Afhodc9lWXweX1kA2Xb7y3MvIMx9WzDgXi5m6di0hGa9FE5pQH3OVIR8jGf51oqVA8TcoPoLIQClR-yjcGpDnrtFu8-Mv3GFiE63q66eqG5ejn5-ikYrMobGnoI7AAEyV97GdAGWqvhFU0GuNq2F9c5ei6rpRwueMZaY4E3xa6BX-j0Q9Tn_t2iKgm7_NG_Ot7_JEE42NR2HN-tfERP2sgcPSzSeyW8VGnDNZnO1qDxjlzbAdVO5xFRy2nxl_zHneYgVZo0ITkxYIwIxKLvC772phuH9kq18ivT0x-OD4VF0JhJp3GRsCPs6kOP_R_JibVY66h1Xr9IS1wB-T1CeA05k9gP1CT-_volyoDPREUQ7KQb6hrzCmI9wsJvekMIY0nEocd-_Pd4WhkXIMCUcPEQiu-TAvBBYKc_MC_zO5B0t_wWW5cre7WGUi7yUOzmWbC6bU5yB5RWCGH8XT2tXx9351DqmjWC1IffVMRt2K_NyZqJJwfrl0KH_lsDPdoULpTAACfQQQlKvqQvocP5QeBbsh_wJ_mgnPHW5iD91-w0nkRlOtMgIh_WdPVqg3j1zb3cQKxscrNJLs_W9HlieVKT2rJwkDuxEqPQOpCSpB_AUTy9d1E-AGYzp62jcD2WwmDdvl8X-fyBDHbkOmlbq8LQVyg9O8XSdTtgJfryKTYbTGwhFkYt4aC89ViAKCgj6oMVm_6ZALlpfdxbbW7ZsgJ6s73-QoWhyukTAvIAMpv32Qttmdpy7Dg3fobZUixc2qBH63_F_Fp8ksoyxP1PjIibpsZAQOMRA5dBV_RSO4duKA_PvcXyNXSogIAO7etP6xP6KnZXNy3MVlS5-Ma0QSgfnqx1FFCW_ta9mFL95pwHNsv1ui3LUL7lPmrNYDphGVhu0yOYZWpSofroUzA2JdJXoseP3CI5NSUThtff18CS6_-8qI6TXOZBF1ssc1TbrhGA6mvs3KjO5Uv8B_XRvpWRuRIrUOVjTVO_0_OckBKxHC1EVwDANfqn1oesU5qnX8vIiLk8UOWXwT0JCF5DIXj0zHcE6Qcl4pJWdF_4qLBuaCfo75MGwR9rrn6Sz7DdmkKYhL_PmI3dOwuYiWSkzME8Krr7KUysUiu1RJk-xpQaFdLW0Vhyi64PgKMzlCPSB4YpVRfEe7ss96Lw6795MX6lYtcMgfIJsFHFUHzPtWfbQa3a1uDqnJF_QVgexK7ng8TnVPEv9rqrKoS8joi9MTJyiqlgOKdP5oc4Px0b8Hzv7t5eYkIKxYJdm1FZ_8ihZ-wr-EQ0LSAon25VT6ZI41F7DjM8dPy63P_Fre5ZjP6t2oyEw6-oB86t8KlZPC1ksGxbIznRlrvvmbBgva_VVSk8TqnnPVyeC2HzUPfOrDJR0NPT1ERiXxcaaUp_97pu_2PAp1L8OOn7_95AEFDNXXyhEFBlDFo2JDyrgOH5RisVqwfJUCfOpDyjcfdUvFHFPLyD3yoOhEdO8LjDApOSXezuEFVZfJtZgFZBfajcw5QOtxiZI3OplNVlBqjLe_LsDuG8H37HBOIv-BqkEEfBtCq0EDy2JRwjyGIbfSfbYTTpCWjUROR3bVqfMcxpQUSLIlpt7Ii1IStb384wcTvXdrObERGiVgSTWKrR-OGmRSZSjSvyGR7IfV21tZmzmTi4_6HtvJT7401Ru7B_xVgREe0Ev0mN0hdHZkNg02g8rEai5gu6PYtePRiRyR7Dv02Q7Ki-Y5p25be6SXsGOF-Z7SmXCJa7p88rVn4Shkk9JnrpuNBTYbyaCI-9dOkHgq91Yd4WYa_1v_I6gil_fnfGzXYhWL6TiKxjjNDhapHVagi-95RhXgSHSsNilPXi7T9my4nS7gsd_lM6Sm66WIqpMORBQ4YN2kKXyNQwRJaTcR8b7YwurQFKDWjcHGio6gnwvYcXy4-p6YWLjhCjfT6hUH2lrTZdDkyTLDNQySqVtENEH2jLZjOc6bvXGgq-Oh3sxT17EnH-Q-Y-BdaPMou8JjSwOVu_y7PgQl3nsdbBGaNy2XJ0EZwUemu1Rbgsc0NKuOZqdCGbv0oB5NpcGZr_Lw9DuLaMmYg71rI_wZoFbWjwbSIsQpomHr9uBZHrSSzMhYSZ8Ewn5SU2hJL2DcFjJrRB9WjzU0Dv-7eQenoEwqiPumOopA9ovlvSH-9IpX7bxNyQXbNQO91Pu21ElsyQzAh4b3cV6abeBiCe6729F8NZpHrQPgxJMPYlxxCmLUK2J_whnOQIqIi6nx7OJZc4aCJ2iK63aZuHUybVU-p0cYyRLKtd2WrujX2_Y_Yai4dhbDds8_CQX8ky0sOqsFS7h-j6bRa8H1Q4S_k-qdiuLUCmDULwWdPjEnCs9rKfswhhUmAv1RrFdD9DP7TElOrGM6cEPiqUl8AqGhdA1HJP1hUjDbO7JtDLQIs6a-nyeRJTm4Zk8hx_r6Qc1FE7hJxwZzkHMsRgTQUxCnZx4roy5Z6u8klAzZm_zzhUfmVXz6OqiJHATdE3SXC4yEpzpYBFDSXbVZuhox_vJ0har_z6WeOXFzMSvEzD4NhDRdRvsIGoG4FkjaWE3cw&cid=CAQSSwBpAlJWaz8F0yzXV6JTSVZYu_KEVq6cdalbHw_JywAKNB5vP7J1fOG37hhPJFF6V0b_Oy1hkxDzuN-ZMHX0KCpaXkxzzWfWwd-eCRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=11816228503121572000&adk=356101037&idt=685&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

dd8cfd3d8153c527c550a60d7204488dd8c608ad7c082511be8c81f33184dcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37859
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0378 172 KB
61 KB 495ms
49ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Origin: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 09:29:02 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/ Frame 0378 11 KB
4 KB 59ms
56ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw2bmiMpDPLNm6hzi94h9JzpZT1yE9YxcxT-W8l8Lb3mSC4AfiL1UXQrwljVz1g-K5porgNlp8oS594DHILzmXAY3UVtsa6qF4wTvu0onU86u_h4g&cry=1&dbm_d=AKAmf-CWfxTbxqqTUb8pfU18g_AjtPWo-1MwjH3rFI8xYi4bvZqtHtgi-n9btkUgWIyVxYd0Z0ZkEgoiglLItji-ITdFV9sDm1I-_8Wo_P3BzHJJ-on6gUVFa6igbPetuLtV2__7k4ETtrBxx8afZ-Qc6wjJI8XC2bEYY-chJ3Dj_w6bUv6ICtwqv_rBDvfYdZa_CPSX7ceEd07rc6zjWpxD3MsTp_PTpPBYBhyCbltv-2VyE5e8_9YWzlaq-YAPmpmscWiIWxo-mEQmA9anKhLTTisziks-rNS25icUhsBGd_TOmassdvDxEbUc1EKLUKV94VDRiHS2bpYXGECYPMh8Sno3zVZbDLd6MaE_Sa4KndaoDgXj0ohxiRvDW4EbYvFW2NJ89vPQFWIPXtCN9ICHLSWvkz2autH6RrZ8RYdigMibF9_OKBGa9AlJt8rpEX2fxQ58eHE-Y-7KLhLx9RaBCez0r59ajCDx2Cmjz3CcM0kaUt_8ziGm8POzJhiYzDer4axOEvFpZfi0XIqCmecupz7T_gIn3M6ldyDVtxIP8UwQjkVeCGxY-7TLA8Ay-OMn7RSDZGDdfd4_oT4te40dqJwmi1xSrJJybloTUptP5LSSwuiGix-wI5IrNTe1DdExfTYI8HUAJagZP3YseBSzIq-58I74qPZaS6KEvNqLKgm7fsGqh5LXueLgGlTRM1f3igryTxtZ0wdCnuTcHE9Xe5Qu-rp_sWFIQW4zM29cPtUGGU2deXnr3fqc6QGwWmB-nCqG_p25wS-4ZZsor69dDXysdG5gTPI3hh-JzvgNoiaU4g1iivZUSacMNlS7-sGkBmjI-vBsnsF99S56okhN7y6o7pA5gCkOOOUIDtIWcDceuBNMumoJu6NBBMLShH2NRbmW5qpdub72D-baZ0g0JQ2RLzQk_WZ6oJ61nSHH61P3TUT2au4xlVUXaGaTgp1lAl72b92HtD0ObHBnirGXLJ07rzv9T7Zc8h1KzW6zkzNTsvfts-nVtzvU6vC5MR3Oin3fmJ5wW3_VnSBDC3n_MBvTZJejDI7XBUz4VqtwW5YlNNsMDNciIG_DoyZhc7S287__rFJm62JeCLxsG8O8EfI4k7hnxbuD3aSfCAbAublzciPybctQUZFGvo63rm1FEjl_cDrur0_odSCr2OD3F5H2zCsa9hNAv2Rgz_V0CU75u2El5bdH9lz_JxUyzXgdIbaQ2RlnlCsuyxCQuyBIChzAyfmb1u8IcsxMVrPTvkozogvVH2-csx0G9hxVirHKf9mk2IkypbJH42F5vTujlKSJe9SHbj-KXMnYaLLweIRdWXXnSJT2Ucs8Vhq24CVyQ-xxxrEPftEsnpj8Z8HmxzdxhxOOemOlppFMiWdHj3YFMgYbLEDhynsVOgtAD0FWJ5dSt2SHjAieW1zl2pgCLMqqGDRoCh7Td9g457YiH_7RNSS5Kw8RHvjZJP53n1G-2gix_DINHJtRX-OOj6qfsL1zhpLFHnllC9clGpJAArY6y6ymPsxTB-DXhLvFP9mlUX28AXJ5qpZG3nQEZg48HNUuYFcvb09tN6Gaojhm_VVuMHObBdWsxvaHdUAl3HG8KPGmn032Abw5NieFdsTppmi741v3upXYWX7wHPCb8Bv5LeoLJ9zzqrU90VIsjZ30srSGk7JFP14bWtGpjPk4xzOWVqOwaX2uft9DPb0YM2FmyM1BJ8uuXZZ4NcoT1dJKENSWDnK5qpDmw94PRDykG5EarTqR-AiQH6gajbc1WusFnJVifixe1z5wIdyF_lemFjuHrRJLdxDJ60eV0cCLynbdrSIKOUUq4YCy5aL-CEtPuzQjNCThVHLSdhgHNBb_C5UEbEJj7MAn2PnHSsgmnDM8gnrp6dKFVjBSrFRKzbKO8U800ROXgICGEhrAub58WxBhnzyIAxdDAz-efzo8OK2nHDBXyFcy03TauZy_ufTrnlgONntRN-vBr4SRMhSqTcWkawerCm-yn5Jjkpjk23QGSBZ4u2O79XcN5kwJKT_rCpSzY1euvzbK4o3OPi79KkDNMjIau2Co2zgknTOAdV7BPrHPxUn-r0Da7oQfnRNWBC4BBLMSegSCurXARGeZQs1MdWEhhCofwpY4EhSqQfENE5QO_EJyFIx1FQt0odGg4BQGZwLHbfW1X8Gn7D616SNjD6VFey2pCywho2xlog9l3IY6ETl0DamWp9HU9O93Y5jawOe99g3TNfRpOk5mvtQCWSN1B_jnRUFwimCRpwIjvVtuNDc_hcUrf1nvijgjQc4LytE65uvrNJgj-renXjO5tSeSGZLTmGK01PzjT3VuEJ9PhDml__4aKgb6sep0NaTLpWTkXzRC3APKltEuxfDonF4amwUKiHs3SBD470B1bAjW_y7TZbbuiVbC52Wo18gB1TFF67ihN92rSzhnl-49YOvxbRxW2QAby7hmLc-Cv_Pg0z4GkdIEuWEo7_czQMRprcFmk2pYk3BS_5foBg5k2bI_FArUmJfpyybeuLOSrlQJd_9w_j8bjTBZ85gjFYpnpNs4NVXtqDnKorY9ccvU5WArdJRAsOFwIv0cuOR6-pOsFiceFhO5kWwUaKZCQevs5XwVexpCJS1uxFiND98NPa1wC7J3MNzSO0tpSo8RyAiAWWwSBRaQm47WlXFBFKJjYlHxFObsIPrzsAlccdSYTwy8-g3rtu7SEf7gbVn0ABhPxJdXXauXFQPrUbZyc8vfaqBNYy5sBPYlHdmNwCSnOU9ZaqEvNd78hq_R40hbYji_IlF2xGmpm2AhctPz8i7sbPVlehFg-8Lpi1Ff0M20iyewA4NRx6fMq0_p7kCi6UUVgp0pEBJq6-OlQO257BmPNrPrHLn6Kvqpd-5gT8qHHYLn54C3mENJzUttl8Sff8e-2COKYz0Bzk3xnKHx7Su7TaSY9lN-0njRCY-3CdLZdjkXCNQy6Vi2gdq5hT-ChWyqUj0CorbP6Y_A-S4wE68orfsDP4MLF8eORKgG0LSmWKV9Zfjd8QJNKMsQHaHmy-silAhjiw6fH9pShv31jytUby1QhG8fQss0NSOw7jTeb1yu69uAGOXutddPYDEWx9T-T1LKJzunVwFQQP_XesrjtWDbSnRBM_8JcOHDFkMNHosdyNIZIlcmafKblWFi9bw7N7EtEomag6XK5s2FdprsYzuQi_Bc40Fi-vn0fjbsuNSjIu_7n9lARhDrZC5oJA_ovd8qTfc54F0hTIFh6V2xf22BvWh3OsKFUVjn_zDeGx8n8lyQRoYuJU1vmeEo3_uZFr_THTbALEHAxYlRwJukN9AGXMrgVjRhP6khPcFgMDRIZXQz-Vg_0FQk6D-tjrFQKBJDOIwTvAoXMSyMt4yDV1tHRffhsDtnYoD1FzzzKM5Ck8RwfTKfYDyi4QZ5ZdhmOn9B_kGxZGJhpzbiiGEGwNtnU6jbcRYXsewL0tlVjQtCCR5c3d7z6OQKDEcrzjmFMQNO_Cpdev4GKvqFyv4tfS12f37XwU8TOt3siN5-H-paVRe_7i3dDG171W9hkKIibTwTQwz7NMGZVwWKP3qvm7EnlhpIBR_4ZDGySS3w330mgbST4E0mu9dtm4Pvjdw0qk5D4S_5C8-hchAKeUUwi75z0zULmz9MGWsMPhzN9FqIqx-mupaUR2gje7VZG1YaxA&cid=CAQSTABpAlJWAZHZHSQNrI_m51sIrGXRUkUsl4aCNe6HgiZLRMnmWg9SeLkKmYACHJ2xXBtWGyGTVwzwpxiwlIO2LEe6cDdyrs4W1V-Bu3sYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=958705994936332400&adk=1964084972&idt=578&cac=0&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:39:55 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 0378 30 KB
11 KB 73ms
70ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:54:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0378 41 KB
13 KB 67ms
65ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
DATA 200
OK truncated
/ Frame 0378 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9d0d443cb6d38e6ab834ad35240b2d9f19b3a3523c5eeba9d7399e8686c185f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA2B 0
0 93ms
91ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshxR6_xOe6xI8dw19sRyCCWKc6nDUpgm1A--AlpgMnX4tGZVElm_vWtveTHo6x6InfUtXPTSLaQ3L9oqAL4iKInYnG2V6Nr3Wh0PAZwuLeO_pxqZvLPLp1EF1fqf-e6nv0kP9lqbFJT_1ogIcc_ZoyW0_yNV8bDd_kGVWNf7IBSBJ5qy9lGojEBY4hAXztAAmaUena61KJaLt_iKCbnWCYu7dAj7a1zwuY7GR7U1vu1wY5gpBL8j4kOJ-FaaK5XM6EZVl-NWUmXm9UjrutqqGzQVS0JHIEU0V7SSmYIImiXHLaYHVVAcjBLmvIO6h33rQw6f-ojkCuky9qXzj6Cwcv3ZVtWZTDt5MUU-ZbJQ1JTvkf3Ci79-1NE67KPFus7Q0YBC3wQyDkn40JtjS54oXJGaJE8c6-SQNSF6ai6Y_z8BJjQmfLNqU46ntQ3qST8e8hqvS2zuRb6isPztuC3zOexvU7vfzvMO90_71XmVcY-nyRQ4r6OYSD65ChdhbfeW44gtDPwsU6gEkh77nWQClw8nZ_91nAxoZrvnTzQ9vRMaIebd1ygvZ5j-NKYkvhZEBmWUgWYq9ZUwnWJEDoaEqHe3Ejyh_T_wFUFmSr_w8DG1T5hLxOde0WOsmxMIl6hAMMIf3sU0V3cxHlOZUq8GIf_m8SL_mTmaGVhl1QnJNS8q2zCkyvsl4FtIxHjI9J3i7s9v6n92WVQAYt1Egu1-8dFUOgesgPYZKg0l0qJyUiauX59hz4OTyb6iPC6ukbkoXuL6EQql7r56ouxuM38ESDtulM48WMRb9mCDhDSaaXW9803S2nDcpt9xXpl8Qa1SspSCms9Rg9sEvvt5jaG4D_h63BPyn5PZ9Xj41C76wIq_N2aSbi6bz4l-r2WkJsYy9VQpUztme2rHspLPgdd-Ry9cSMP--5uoh33BvwVHlDzqxqK8P3yAuk0hCN2BsmWfBa_xahL9JFCIr2ccN0TFIuMSh1ikmEIGPxBy_-PwkY4lkX-_-KDKB5qSuX8fqR7BlqBzMFXPtEMDWiukXKBtfaYOy2ZAYhTTcINfulZ8f4vJcIogJAJhUxTaFKrcvcECOSdtfjmOqpnFcYmdPXGMrAuf_rzIay4LNmeD-WPC3JvKG1UpY-335WTUx-x4G26WA4reb3tHoHeThss4OfEWctnGEsP685yVmnbevBjsrcwR3sf9Uu787n6pvom1StoqW75TkzkY3F-gPOq6Y3foTJBwOOxEhsE1D8hDHcIz6YElBjVtnNiZqbs3Doz6_qDA4AXTzo3IFGOpRe0NHLFTbaUqlJ&sai=AMfl-YSqIEMt85PjkJfYy6D-L0EZzKbPDPOnoc1CGc4gUPLXlD5U9hSxcj_8--kXiAwK93_brpuMPZRDITfFgciTLE2Ku_mv2RPGl7dLISHxuUCuay2yDIUENebzf19WnRpvz_ZTzzej_5MIddde14jlo1JmXACcmH6Z7ok1_TgucNLDJmqtg9t5QnJimSyDjm32iXBwo0GMDpffDCNwU1XIaTMqNQ_iUC738SP5eKdErM5WFa7fj9ySq0AFAv2gvxe-Mg-nvz_LcXCu0es9LZoF-HDVY_Dot35lxpSR7tTXYz0hamESYNu45Z9d5D8UXz-sVUOzpTF9TRHdJSJD8h7Fbv_SlwzTtmaRxm9g_I7DyXMDpr5-TZNj6GwSMsBVrvIwXfvDNL_bPi1IPE8AVkMgRpv-yjRyIByyYn3W1hPsUkjRlmVj6CXKkvXp3OGzwQiItY6uaCua0h7VSF_SZy__kCfcshT2YkoRRy_puIW2&sig=Cg0ArKJSzIuQajEbwe9yEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=947&vt=11&dtpt=946&dett=2&cstd=0&cisv=r20230830.77736&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 26C4 111 KB
39 KB 316ms
71ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Origin: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 16:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 16:19:52 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/ Frame 26C4 11 KB
4 KB 51ms
50ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4Cb63cuNmd3IiFEvj9YFrt_59i2f2_IhOP84ByVJARaTQV38mXZFaOHCR4RNjE68Adit1TxTrJ6kAljKOhaKL4t_sYa5z0D9w91nQh0zdBk-mMjuPg7aeKhkqbe-3N3ElDFiizgn4XEEL2v-JkjZrGdgcVdp0GDecxbFRC1uwRP1hhGNfzkD5nOV-6CgfMwWcfUpn&cry=1&dbm_d=AKAmf-AjlYZsvt-MrskQ7srr9Ojuh4df29mq3t9QmnSNxvGPxEHi2ceCz9R-GHbQ9PNvyjN5P9iuuUeoKSOjpn0JptX6ZQMze5OId1GB-G42Q89bhBgaPErep--01c2lJ9BbaYppyMab0wPsr8GIZSmnS-z51TS_T2N-PilFAw-FD7NbPybCFjD_zMTDglx0CN28S8wquJYHQIec7hujRSVBJB3bZ3sePmowpRPSud7B6-mE0M5r59mUU-DNQgfqJ4505XEADDIiPzrX7n89B30MWI882q9KeJqjjdfQ00MsPEe9HLsa8fQLz5cnE5wM_gsx460q73zlTpvb2xs9MVXRqFln8qK1QBgaQsXG4YrEUHxECyde2iSnCVLSs821xZYAvJQHQVCh1XQ_xHDfaUTnOX7M_JDBzL5is0nC88Vhsq-kN6x23d6FlvWzuI3JCxyY9URmmEoeMTDjxXj7VvEVeWlBoEGptqW3f8GovFm3KN3j4ujzHYTGHzLWsyBC5X3curjtqaWYwAtCnMPpZWCjWH2hdRRMSE4uhpxDTfVkpSgY3GlOSQqg8SrM9g4yqsMNn0lCsBMMRkHOj1k3PklDbgH_BnHUtJaVAXe57_h7StdGyEBb5ueE6P0ns9R3l0KluNfYXPhtjIUba0puSGs5nCxXmx8Vw7V905btzb1kXk2SvtAwihbpfTr0Noz7ztIHfwSS4OvUSx2b7QgRIVtf-ydtrK4TekP97pxZP0E1k9gA9dZSHB355Xul1HfBPXph_18RbkVlKwTdk0pYenSRoyq2rw7Vn0NYSyCu2lha-QYqGqTDEVG5dnV-9_-cVON-aGA5ljc_AuY5TlHtnPEr2glh8niUO8CsjzPOi2xLtc1nAA613Oxl0lWgrYdawoWQwhl2FckXjmzrhmic4bUMZ6Y6Z6dZ9fjaUlL3nwtOXplPS9-qW8DC0oqnWjLVDoye1hRZN8eljChyApSfJNLYuBn59m34MeFcyDg9nKRzGsNpRMoB_6reBE83J-JRDCNSL4fnGqSsdMYwKLVLAPJWvK_gN3HqtCzFTKPy0X2TmvKnHV2VDudt2FY8OtrLVXkSPZpcnJHIQHk--mawAU5zQupz_zYL5TdxWRNIKM8wmuFf31L7Ut8d33bqBht4RIpK1hQi59p0EvsWGqmmT2dljFPEHbi7t677ObuWwaHJp4nj5K6ICTXAiTiHblo3wqFVz-XYeefsR1bPnvMQ-XRwfCLzTpXKG_IbP1pFbnreSFK8l4Z5KTV6kk5hJDHZ-IWya1Wq2jD1ApdFglSyEHA9ArUDzh8oW3hYvJ5yAd3haMdJdgkORVFuoylK9eJF0AqaG9RvqdFTr9qxl4WCxA6YRity5afxS8EB5gdI2jrTYCEX1n89Rg3ppVqHnMuwxmSPJgsuNtAU5P9lvUc073a_V1LzSafjdNBIQvbqNLtQ-cQiLMmi_FlavtKnNkd9MSbB0-3CIP51Z6pZjWc27BFPOzBcGhhvoG8UefW_rUv6YcTQ10tBhg1brhcjRhdNNDf307wSnreaDpdE6hut0R8i_zUdfbGzofeGUqH_OXPyFBfdDs7Ma8FRMeJzgo-PGBDweiR1aZjtcKzAEtkPQepRS5SboMSJ9ElVuZJ8swzZQ36cPxM6m6sJ5xBV0NaSv_fcYEhxdSKRaOp1M7r5UrsvmmJRItl05Ck3Wln8_Plw85l-saxvRh8ztdBGQclxCn6YuX1uOgo_m9LFi33aSLFmkai1nobuy1gigvuBZ4YJ25F3C7WBu1Cl64E57NznKw7uPiHiWRI5BUjv13u-xlwiPhW7IXmSbGfU3yvd-ItH4LqJeuv4GX5i2DJ3AzV4qdQU7N4vyTA8YMbjXTLNckl8x0b9lQxcwiWJ3iyfTrj_pnFdCVrguh4mzyEk7uo0meFIY5n2OFuhkb5v6iNzm5aRf7Ru6xMhtEXPdMA4WW2mZWN1gzwCD_QomsNKbv3TDNR2hymBsEbz-jhvb_blyFZs5zyiZcNO6HwrS9rfubMo9byu-vF3MPfKZsj4nyXduwAWF0vbxGRpJOHc33GeDe7A4Zsso7qY6SEwD76k7aN6qtAqv3Ta8CLns648HHKh0tkCzY7IijgOdeIggqCa3o1VWtLkxw6zBLMQqb3BT9jI8CJ5XvrvL0ftNR-GSZeWAj6aCyFVegWQAquRl9t_GU9FQWbHoLTh3YRpiLLdLyuLAvD2mzNoR-E1VxPcU5Sqv_K42mc2NLyWKg6vuUtcPaIIyFkZFpfCPMvlPhGZsL7QS3pq9zpIsyMe4ovRRiw6zikDCiKPeLlkbzc6-GevrrwS3QOg5YEh-JzEHw5OFpPiNNyVyd8Ry0e9Z1YRGzzGc3dtaorrcfE-fffO6JbA07UxJrioyHbEL8irvp3xOtpOVHGts5V5vHHDJLv5HCUnHTM8xc2jHuv4TB9bN65oQLOHZpN_F_TCt5hvnbwp9VWOWXMDNVGTNHQqOQaSzNxlFM42wnz8EYEAiB5D6s4mUkM2-zhSB3C8_ohAzyjLr8k8Yw8IfQ9FRmbq80ubSlOUCXQFjPGTc1VznfEemIIoz36ylZg1BFZ9Ukoc8S_lIeRiVPO4g1YwTVrCTYowxfZQ5kHP8s1v6nK3oj926D87CZrsYRKSFOrGTIgGMQA_N9hAtvMWpcIvM7vSKV1uACcmc703z_PuWK-9CGH3vyx22r2lK3y21k-rlInWr6JqX4uFlVPC7Lc3B90GVgSfpFIgzX-ePrLF3Ho9VDeSyesW5NIKyeanAa0rxkhWN1f6k7jRXtvQM9f3Geka5EDcGobjTmHNVdqxf_ZwRnY5btSgTuLY4JqYZB3SbDZwvNh5f7UjreA8dxmWCsm_2Y-bWVB2JgNq6f9yTihtXQ2D9CjHp67GaZBVwtMQFoXE8m6LK9EpesBDqIe2s8eUPss5zOlNGtehr0rdgey7eV8cG4LPybgDsgRBHWQmh78riiSk6jd1c7acIFpyG2-MQmo0JVigonlc7KvhDKFw0l3YT3uPfG_OQ42VsRyPPMPy90QKKWPy1h-4xJGmEnEMOAK5V-BJyDH0A1sd1uVDYFWG0xbsmzaH6H0Bf8JWGhj_yFHYPiPRsHoJUbqLzweCGS7o9vytDJZQl7IGFmK5bWXyUU_d-mkLGQ9PdrTQaTVt9THgcBEsb-FB1rfN5TY5vTyii5k46SC2RoBZO0y89Junt6vacmicfAS5mNx4q93HaXwyMpljrmLrHn1eCk4X1ry1RwmuQJ8wZyd-ASh0Iw0P0PiwVyWbP5GRbAMPFL-VgXVgajCh1eY-7Vmq7vKiZNzpkBpsa_9hXSLJ10ys1Zd4nYCLJabmCMTTc4UoGKF3zCF8xyrdAdL-LKzL7k517ieE5QTW5olEP4Z5ACWdA4Zta560UPHKgQWlNpRBEQ3Ju05Na-91BUHF1ThvoKVcyOu99U_1FFJ9w9ZCljrqsoimsUJVYl6k-0SZpqjw6VjeOvd7DLVM61gjIZLDQWyivPIdZIN7ISRUGxurTtnrab3vuurNZBuWaGwwm7tD6ykLwgPu45Muh-r5yPm97qU&cid=CAQSSwBpAlJW2uQ_zT4Mtac_KurT_3TPgsxHbkPIl4MjzMnR3U3bKk-2WgCiqiWteIJKUsWbAwR0fO_667flQ1RooYSYPNewx4z4h1NX8RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=2240196352323438800&adk=2923430907&idt=670&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:39:55 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 26C4 30 KB
11 KB 48ms
48ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:54:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 26C4 41 KB
13 KB 46ms
46ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H2 200 container.html Show response
45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D5F 6 KB
3 KB 49ms
48ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:37 GMT
expires: Wed, 04 Sep 2024 19:45:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
309 B 50ms
50ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=file-upload.in_auto_interstitial_desktop&sy=dcd99e79-19db-4b30-9276-bac41d038dcd&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=1eda2ecd-c902-4ab3-baa9-7ae91bb24c33&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Tue, 05 Sep 2023 19:45:38 GMT
cf-cache-status: HIT
age: 1536114
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8020f9472a994bde-MXP

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3392 0
0 112ms
112ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYcuAZqBH_vSTXcJkfcfnBtm92HYU4ptfkzAL7LcoOcO39JxKYE_AKKCPuOrk8PhB8n2riS58ekpFZFRMbxrx-srSCl3fhIrw8AfF2h4snuaKQ0IDoVoFFSZ5vvZ2EZUuRdNLhr0YV-iO1eW3dUuaBUFGTVFgAUA2yWrgTGOcDr2pGOPq-UGKo1vhG7kwvGOM_ksVm9RRPPvKS_2OEsgTuUUSNF4l1llCqCo1NPX7EMx5omCM2GktsnOhX1yUX6tYqbrnAK0CX0CvTP8RmXfyRJMbty7p_jLEBDG867LdVfcIhJpuPq0r2hisa2xMA4vH99LBLVQoTAS8nuAo-xbMHw4ZMAiBfoQdNJmZGwLq50WhNoCE1w7DW9E9X0sXj9G0styxjgLgWxICJcMz8FfhtBTcLuvM-OMxlf7ZTY2i8gOLTpugP-Esk3n_lVb8BSopCtsJZ6fEe2uY403DEPYCrD2xd_kV0WBT2kNTe7y2nq98Jbjqqf05CyS1ialfnGjRasHMPOesCeZgbyuS4JzZF1xyvEUQzw7dxxlgzMUnnuDXwv-OHq5Z_Ih467rkZARsPJ_DNJnQRYWTvw5axRotKNAFPu2BGxa9mWy88wAV9_qWY9E8Oy9Z31kXBOBPqXBNjTZKin33rcz48pZGneRdZ2KZ6LCDdWZGHrkvzsEPtkNspKPn91nr8FV1pGI-Yh4oOucorEMMSvLoXjRUjQM6yRM-HFr-uqwtBApRhqIVn27QzmZTNfDPdqCrkaR1cda5Cqy1phhuv15G1j-yPGs9llbSaZCCkYKfqEynW0__0Qh1cActSBpyQX1kvjkn8zClruuDAH2UHBf58BalT9grR9ojNR4KHL46wr59GGI4S_98yxDneXVOP2FbrzcXOGzp32iSiMpRer6xGZvAro-l7VR9TjsGzYT1jTgt6JyWyDV9nGWF49MgDWkyYH8cRJ9dxjBjUnsvVY5gTfaOy8rXwyxePsP7Zn7GawWPoUklTt82PU2NGRmJ-SUsPQ8tcFEVxKmHDOlJLTpluhamMJodyjxklNWhkVWNqBbxnZegthr0zB_y1L3kGXAo6D99mUrccgOsIf8NS0zZaIdA0soa15fg_ampVswMzUDr6iS1yc5VsTJJDii_ONDvhrCekynya4mCpjQD5nB2aCVwnIw1wFOS8lc-TS2DaUbSu6QNZDaF62sTXYT5Dzf1Jcll75Hzk5Hcwa9QHLVqYmecbbFqVVxPlkOb5yKG3AbUBNc8qwfwYc9uK1sdoejShFqA_WV9q1a5wJ2Xxc0q6it25jjcXYHFw0g&sai=AMfl-YQA4KHtvRaLIhILZbmv6816lcSmQUJhuJP-Ytl50SbioISh3QA9GO6uO2-sMqd739PQgQPO5JXWRxN9dGFNCI4Salmm4jDyKHixoVYW-fcFQBJJxMP8oMx_VbUpxWUGS1c9IpLMWUISMbrfDANAZR3pOlKTnNvc9TmcEvbF9YHhp8bUXaZ-84GeI8lNK8r-x2ixsVT5IQeCQ_o1le36YAsEBEQo1Mxsg4M_WnF-te-9lV6Dj9wAMA1IHR1psbWVNRKuingyvm3_seVJ7kwOECVR_RAgHzP_Cy9SghhAe1KhkuqLhSlsdtrcl7Qqi20brJSV_8EqDML6JdivCHanMLCyPXCWpT7KC0-Yqq9hQtM-VMUQpMJqba0Z3_IAeNgIDNBaOnzGj5H6ZDrCmr9f3OLli0gSbQWGg7zm8TQfyxGLZVMQ2JEg5CmoAFNW_9MYUFfuieLEK6uaKo2EIsQhl4lYe95s9LagOg&sig=Cg0ArKJSzOhpfa_7WxW9EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1058&vt=11&dtpt=1056&dett=2&cstd=0&cisv=r20230831.54767&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
DATA 200
OK truncated
/ Frame 26C4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8c3987c80f48412939bd25f4379f31ef7c914b1d7d45d918bb6da4df018227

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E1FC 111 KB
39 KB 434ms
133ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Origin: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 16:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 16:19:52 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/ Frame E1FC 11 KB
4 KB 54ms
54ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARcduZLC31EbGnIPwZ6NLJNuboYoK-1ZwYc2gzIUmccihRTQpyRVlx4KEh67PWouMwHlhqwR2ubl-vvyUKYPWDc64NZY-gel8VUCWTq1er7Qida7oyd3h2Z34FEVlccuUjfKC7ABD-ZtJeE0dXLsN7L_OxWfiw39M336wqpvDw3jDkppf6r2zJFcuLeGC9P-ZUgfO3&cry=1&dbm_d=AKAmf-Bc-ZWYQ_V3vwamPc7aYbw0DSD7qztRtU_lxMTtGyj0qiumQitVZyBTeoVZQVlnWU4afeQ6GvgePQjHfikkSoF13WeCWEkskffznE5LvvoIi68bIlyxguR747csEDBLQE-1PVwDTQOVikXhr5JVXGzfkonPzCbKeBbT4fD_tNVdFytHV0sGR7_ProSQ-LXLYGA1nruDZ6_wDMa_9lehgVUtM3hLy8UVkOGR7Gnq9nmeRO_6F99lWOp4zOq00NwNndUo48qr5URt-A811pE9qNPA1bR9zRImo8B7S-Hr4vxRcQ5FIIIia4BnEtuSUkVvKdGv2YAMFdpDSlFLdV00QsMG2jEI5qSzMmRaR1LVK_qjBBv88KKTLEW373FZvbU_EiRc14y3wU2d-x6KUsC7YEWs8QSL4W1JM2ztNBahxMXnkjXAT8prEMKMas_RxVtGP0QSh6aFNy6t4HGC6LGWB_rBL3It7Y1pClRlTgKYBpF7GNB1VQBDHLlK_i6Co4uMacAjj3Y96SX-FKhWEGLew2Wghtl4jDNrhUsL8RK_oy1H4uOTTXrpP4H4M1tDXxzUODTGFPXLBAMEeBs6KhUMSKcR-A8tqpaCWCoIbXpPRTG_nEQ_VOIP8IXqnWCJObnJ5ih-UN0LMKrViBewTbuvC-GPBO5NJbKwhW3Tqcvk2GPkZOY-_HzhhBxP34hMQXdWrhNb0AlUq5XHiAM6_PP0zWt-1gzBMsDOjsD3ls5shk9S6kD0_vYQTUp00IyvPvC0d3XVlN5-1TRZcjbnJo9xWLW-8y4oK8A4kBAiKL30GRT0BCkpDbk1FRJjhBJzqdaNJcYOgTYRnOBP3WH6-DG2b643SK3Fw6q1rLKVY9RjC6tlShl4Ry-W-0uczBwDM458369zgyLlxXBn0Rb--8FQL2DaYeQ_JhjG3juZhfvA5vKi4YENAVZXxbnbrTkeXkQKkeg4zVIOfyJ6Ai9G6q2ccVk7Zw24C5XWYB9U2onlKmA0LKKPSutpVIlkik3Q4X-Am2YQNkGm32KdxI_Mmuzk5yC6ALImiCZPX0RZ79rtga7mHDgZ5aOKwH1ZeMU0tDjMS_fxOxNyYkNsqVXgqcC1Afhodc9lWXweX1kA2Xb7y3MvIMx9WzDgXi5m6di0hGa9FE5pQH3OVIR8jGf51oqVA8TcoPoLIQClR-yjcGpDnrtFu8-Mv3GFiE63q66eqG5ejn5-ikYrMobGnoI7AAEyV97GdAGWqvhFU0GuNq2F9c5ei6rpRwueMZaY4E3xa6BX-j0Q9Tn_t2iKgm7_NG_Ot7_JEE42NR2HN-tfERP2sgcPSzSeyW8VGnDNZnO1qDxjlzbAdVO5xFRy2nxl_zHneYgVZo0ITkxYIwIxKLvC772phuH9kq18ivT0x-OD4VF0JhJp3GRsCPs6kOP_R_JibVY66h1Xr9IS1wB-T1CeA05k9gP1CT-_volyoDPREUQ7KQb6hrzCmI9wsJvekMIY0nEocd-_Pd4WhkXIMCUcPEQiu-TAvBBYKc_MC_zO5B0t_wWW5cre7WGUi7yUOzmWbC6bU5yB5RWCGH8XT2tXx9351DqmjWC1IffVMRt2K_NyZqJJwfrl0KH_lsDPdoULpTAACfQQQlKvqQvocP5QeBbsh_wJ_mgnPHW5iD91-w0nkRlOtMgIh_WdPVqg3j1zb3cQKxscrNJLs_W9HlieVKT2rJwkDuxEqPQOpCSpB_AUTy9d1E-AGYzp62jcD2WwmDdvl8X-fyBDHbkOmlbq8LQVyg9O8XSdTtgJfryKTYbTGwhFkYt4aC89ViAKCgj6oMVm_6ZALlpfdxbbW7ZsgJ6s73-QoWhyukTAvIAMpv32Qttmdpy7Dg3fobZUixc2qBH63_F_Fp8ksoyxP1PjIibpsZAQOMRA5dBV_RSO4duKA_PvcXyNXSogIAO7etP6xP6KnZXNy3MVlS5-Ma0QSgfnqx1FFCW_ta9mFL95pwHNsv1ui3LUL7lPmrNYDphGVhu0yOYZWpSofroUzA2JdJXoseP3CI5NSUThtff18CS6_-8qI6TXOZBF1ssc1TbrhGA6mvs3KjO5Uv8B_XRvpWRuRIrUOVjTVO_0_OckBKxHC1EVwDANfqn1oesU5qnX8vIiLk8UOWXwT0JCF5DIXj0zHcE6Qcl4pJWdF_4qLBuaCfo75MGwR9rrn6Sz7DdmkKYhL_PmI3dOwuYiWSkzME8Krr7KUysUiu1RJk-xpQaFdLW0Vhyi64PgKMzlCPSB4YpVRfEe7ss96Lw6795MX6lYtcMgfIJsFHFUHzPtWfbQa3a1uDqnJF_QVgexK7ng8TnVPEv9rqrKoS8joi9MTJyiqlgOKdP5oc4Px0b8Hzv7t5eYkIKxYJdm1FZ_8ihZ-wr-EQ0LSAon25VT6ZI41F7DjM8dPy63P_Fre5ZjP6t2oyEw6-oB86t8KlZPC1ksGxbIznRlrvvmbBgva_VVSk8TqnnPVyeC2HzUPfOrDJR0NPT1ERiXxcaaUp_97pu_2PAp1L8OOn7_95AEFDNXXyhEFBlDFo2JDyrgOH5RisVqwfJUCfOpDyjcfdUvFHFPLyD3yoOhEdO8LjDApOSXezuEFVZfJtZgFZBfajcw5QOtxiZI3OplNVlBqjLe_LsDuG8H37HBOIv-BqkEEfBtCq0EDy2JRwjyGIbfSfbYTTpCWjUROR3bVqfMcxpQUSLIlpt7Ii1IStb384wcTvXdrObERGiVgSTWKrR-OGmRSZSjSvyGR7IfV21tZmzmTi4_6HtvJT7401Ru7B_xVgREe0Ev0mN0hdHZkNg02g8rEai5gu6PYtePRiRyR7Dv02Q7Ki-Y5p25be6SXsGOF-Z7SmXCJa7p88rVn4Shkk9JnrpuNBTYbyaCI-9dOkHgq91Yd4WYa_1v_I6gil_fnfGzXYhWL6TiKxjjNDhapHVagi-95RhXgSHSsNilPXi7T9my4nS7gsd_lM6Sm66WIqpMORBQ4YN2kKXyNQwRJaTcR8b7YwurQFKDWjcHGio6gnwvYcXy4-p6YWLjhCjfT6hUH2lrTZdDkyTLDNQySqVtENEH2jLZjOc6bvXGgq-Oh3sxT17EnH-Q-Y-BdaPMou8JjSwOVu_y7PgQl3nsdbBGaNy2XJ0EZwUemu1Rbgsc0NKuOZqdCGbv0oB5NpcGZr_Lw9DuLaMmYg71rI_wZoFbWjwbSIsQpomHr9uBZHrSSzMhYSZ8Ewn5SU2hJL2DcFjJrRB9WjzU0Dv-7eQenoEwqiPumOopA9ovlvSH-9IpX7bxNyQXbNQO91Pu21ElsyQzAh4b3cV6abeBiCe6729F8NZpHrQPgxJMPYlxxCmLUK2J_whnOQIqIi6nx7OJZc4aCJ2iK63aZuHUybVU-p0cYyRLKtd2WrujX2_Y_Yai4dhbDds8_CQX8ky0sOqsFS7h-j6bRa8H1Q4S_k-qdiuLUCmDULwWdPjEnCs9rKfswhhUmAv1RrFdD9DP7TElOrGM6cEPiqUl8AqGhdA1HJP1hUjDbO7JtDLQIs6a-nyeRJTm4Zk8hx_r6Qc1FE7hJxwZzkHMsRgTQUxCnZx4roy5Z6u8klAzZm_zzhUfmVXz6OqiJHATdE3SXC4yEpzpYBFDSXbVZuhox_vJ0har_z6WeOXFzMSvEzD4NhDRdRvsIGoG4FkjaWE3cw&cid=CAQSSwBpAlJWaz8F0yzXV6JTSVZYu_KEVq6cdalbHw_JywAKNB5vP7J1fOG37hhPJFF6V0b_Oy1hkxDzuN-ZMHX0KCpaXkxzzWfWwd-eCRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=11816228503121572000&adk=356101037&idt=685&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:39:55 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame E1FC 30 KB
11 KB 82ms
81ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:54:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E1FC 41 KB
13 KB 76ms
75ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 03:41:15 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC3B 22 KB
8 KB 68ms
66ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E1FC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71020c356316ebf4de71d33459c622cfcde84938e834d9c9a794139681234202

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 0D5F 4 KB
1 KB 529ms
80ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 19:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 18:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C73 6 KB
779 B 515ms
83ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 19:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 19:15:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6C73 2 KB
972 B 87ms
86ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 6C73 23 KB
9 KB 325ms
321ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6C73 3 KB
1 KB 384ms
380ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BCC7 1 KB
758 B 73ms
68ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 38931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Wed, 06 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6C73 20 KB
8 KB 154ms
154ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6C73 0
0 511ms
59ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLeOrKYGVHCM16zzEzyKeZbh12poRJDezbrvYMe4kD5q6h0nTdcKzfC6svN3lXv4QsN-tP1gK0Pdd-F8ovZeKm2QIFkA
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C73 181 KB
57 KB 118ms
112ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 6C73 36 KB
15 KB 764ms
69ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/ Frame 0D5F 20 KB
8 KB 374ms
374ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f0f793aa76529eec89ffc0f70f4c839d4ec53810a3b9728de011b4638568918f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8567
x-xss-protection: 0
server: cafe
etag: 4859864344963386076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:32:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D5F 205 B
650 B 753ms
68ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:44:17 GMT
x-content-type-options: nosniff
age: 97282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 16:44:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D5F 604 B
696 B 752ms
68ms Image
image/png 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 513660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Aug 2024 21:04:39 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0028 22 KB
8 KB 298ms
297ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4EA6 22 KB
8 KB 281ms
280ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 06:31:45 GMT
expires: Mon, 02 Sep 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame FC3B 38 KB
15 KB 98ms
97ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEPUUTQ9S3QdJfCrkbIa7L7c&google_cver=1&google_push=AXcoOmQncUvfv2dwSYpm0WEBJmp6i7g7OfZWDHt75_FeCm56KHUyghKyVMALQlImxR7gFo6CZ_DGtyuq9jBssRRE4NlsEfpPFdrN
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEYxQUQ5ODQ2QzFENkRENg==

170 B
188 B

417ms
417ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEYxQUQ5ODQ2QzFENkRENg==

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEYxQUQ5ODQ2QzFENkRENg==
date: Tue, 05 Sep 2023 19:45:39 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRbi7...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-r5txBV0w0Nies3qXnFrbRUkkVYwYHWxaPyz9mw&google_push=AXcoOmRbi7k_rz7lvKyNc_HiGZGif_pofwDZWdnTW2Ssu_WTlQ7-PJSr4zqPKhYwZmTx2KGCMtF3sSweUH7D...

170 B
188 B

58ms
58ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-r5txBV0w0Nies3qXnFrbRUkkVYwYHWxaPyz9mw&google_push=AXcoOmRbi7k_rz7lvKyNc_HiGZGif_pofwDZWdnTW2Ssu_WTlQ7-PJSr4zqPKhYwZmTx2KGCMtF3sSweUH7Dpbjwdba9aiTH9myU

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:38 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-r5txBV0w0Nies3qXnFrbRUkkVYwYHWxaPyz9mw&google_push=AXcoOmRbi7k_rz7lvKyNc_HiGZGif_pofwDZWdnTW2Ssu_WTlQ7-PJSr4zqPKhYwZmTx2KGCMtF3sSweUH7Dpbjwdba9aiTH9myU
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 826999
content-length: 0
expires: Tue, 05 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEI18yxfXQ71iGWOh8GWdXm0&c_param1=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh

170 B
188 B

66ms
66ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSvM_Asg8qsNBZjBDZ0RvEKSmBsyOaU7UQAhCmBmiASEwCS96bWZ4jTYK3UJZB33s_Waud6omUoGIXJPEFSqJES8ikYV9Sh
date: Tue, 05 Sep 2023 19:45:39 GMT
server: nginx/1.23.2
content-length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame BCC7 0
44 B 1205ms
332ms Image
text/plain 52.199.143.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEDEhQM6sZFtDHFbpK5vU2cw&google_cver=1&google_push=AXcoOmQCB5UNkD3TFFSQgLgjWLL1CV4ztLIp9IbQfL-hY0uuYD8eNddxr0fKMPLk1RWRFaas6Oq33FbXccfGPVOvCsJTNLSqyp9e
Requested by: Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.143.202 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-143-202.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:39 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEL8jLS2J7g1bquwaq1EMLTc&google_cver=1&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glD...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glDq4H_-UN7rD_ecjmzvvdFbat5u3fvHObPGTTYouKz9dBSg&google_hm=QlMuYjlhMS1hYmJm...

170 B
188 B

308ms
307ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glDq4H_-UN7rD_ecjmzvvdFbat5u3fvHObPGTTYouKz9dBSg&google_hm=QlMuYjlhMS1hYmJmLTRkMGMtOGRhMw==

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSB5ZqJFTwAsfDmt-dn-lnfXO01Wazgpp-SFokYxJOkJ9Hwt2glDq4H_-UN7rD_ecjmzvvdFbat5u3fvHObPGTTYouKz9dBSg&google_hm=QlMuYjlhMS1hYmJmLTRkMGMtOGRhMw==
Date: Tue, 05 Sep 2023 19:45:39 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame BCC7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAlrK16kghvFHzoUSZQMJR8&google_cver=1&google_push=AXcoOmQBFAeZvcl8aS0ygcRPwrEDlsPMhu8unCgUgQXXbHwFNTL6gF0qwjZ7FrMg8IYE9KnFE2lL9BLQ65_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimbhC8VlxNR8uvc5qM6fYYO-2ts8OR259w&google_push=AXcoOmQBFAeZvcl8aS0ygcRPwrEDlsPMhu8unCgUgQXXbHwFNTL6gF0qwjZ7FrMg8IYE9KnFE2lL9BLQ65...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
291 B

56ms
55ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPf_vUB_sVrTSLVNzc7pxbk&google_cver=1&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A7a5MKR2mWqBWagA2UB3UrR6RBdePY8wsbPA

170 B
188 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A7a5MKR2mWqBWagA2UB3UrR6RBdePY8wsbPA

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 19934c18.1cbeb9f8
date: Tue, 05 Sep 2023 19:45:39 GMT
x-bytefaas-request-id: 20230905194539E88F8CF571D9D235F40F
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-84-216-217.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50497662) (-)
x-parent-response-time: 96,184.84.216.217
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230905194539E88F8CF571D9D235F40F
x-cache-remote: TCP_MISS from a23-222-0-26.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50497662) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-5diUx8yHjNRjdIDeT8XDL5ttvNdc4sLZcUIyCYqIu6ySvYpWoUsBeLLNP0A7a5MKR2mWqBWagA2UB3UrR6RBdePY8wsbPA
x-bytefaas-execution-duration: 4.09
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 10,23.222.0.26
x-tt-trace-host: 01ff937f05c4de9c384fcbe37c9bb5926a54e5148d346288c604cdd9cf3c64c9821fe72f809b2b3dbb3cbf924cc657ccc7ee96d6ef2c4dd507db6dc47933baeb7e703595b9a39bda8d34218a8bc9abfe7eee013b557dc32f17b50adb3da1896efa5bb62a36fd46c74fa451d0f30568ae83
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BCC7 0
50 B 109ms
107ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LoW34twxVZnQsma7bfw1ODQHalYpCuKjBvnRtW_BZJ_pGAeuoOVNMNWz0q97DV2zemA89laJwx

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13179821770684833485/ Frame 0DF5 728 B
564 B 87ms
78ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

ef25901c17b7c04d07aef375bad9a303b2f9bc941587b2e8cef0581f1c954c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 428
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:38 GMT
expires: Wed, 04 Sep 2024 19:45:38 GMT
last-modified: Thu, 22 Dec 2022 14:50:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0378 0
0 173ms
169ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5W1f9khRPbPsqMJmuueMiufnWbcKj9a36Iz64mnb-yPECtbz9RMUL5ey3juTWVUTUnzT_YABDvip1iRNpZAzD10AXfQR1rJd3ozPwtv_4qe3S-VxHMJn5o9fKH1BwCuEgoGLgMmzlyD9FNk3Wgq1yq4Ay2_spsoZruqH3WvqdTagARvJTkAODFBpa0WfeiEVbrgLGZtK_VizWrZ4tlbAl45bXu-6Kf_CEZ7svoBzIHiq2BJ_vI5Fk-WgNUGzxoJhnGdwhwJzrpTzd3ojLozeHpkmrv3DxaR0SzqsCVgF3y1IwSeDUW6v-AjylB-4p5mdFzZCETqF_Wi8PExWRjXRZVdmlMHnH94qcrTSa-Ze5KMcO0MgYfGk-psulKHxfUI4qVaBAW7xkWGz2pdS9a5d8jeY013OUtfJgesOr_YifGAU7y2uc5I9mUc2u-hbIyltffchhAJ0gZUABJFnye8GYPb9fdx2aasbFIACQU2G4sLAQTh79ohZ_nyOp4ilcMXQk8Hd9j9GYV2vncyHzYbPiUq999XyKAg6ohQkQhCVJJNTOGOvPVr-TVjUPXqrfurAXxyatdM7y-DmnRjtLeZe3W4Dt2gvzCjEqpcGufH6XWrbAJMF5B4hRlIf3tGDrXssDY0OSUXz3IphmDX4_h6Z5o2oxjy0W94G8iPdl_wCBZ5FPbO6jn55iOMRNEX5mex9ZRSMRc6djl1RMPqPMZ1wI3v3vQNRDDrAN7VZvVkGE2gqnMqBHK5MRQhfkulNvBjnlVipEqjECpd-amtkGdXHYP521qr8hFgi9naoNnjpcTq2bmpfdldaieuvNr0h7xR9ass2P59V0rRKavBzyCBhjEa9TiZQ1Hn9cFX1EyQtjVdNG4DdE83p3meH9oJPVxXWxllkiDlxoJKjjfaeKGrkeEdC0jpDCJLN70-PChzdr-a8uszLOMV4euprYbV3joLzw3IHb8bTnK7OZk-ipi0uOwh57LDva9ehbFEldY9eCp0-teP_BOZCUnp26MuZkBV8sX2NRsDNOH9c2JkwlhZfQVMYAfZzhdxHltMgaXEIwjEYoieRssLjBG3cfXfFIpyhtq7l7HSmNyngVRDtkKQWb9MQbhgePxSm9TV6uMCDogY7DsgOCra5OOCQMMEJ-vQb8wMywrml4JAAWOlVFU88b0gIpqHYYbL3yWUyO0LCBCtkhE8s33mAPABHlVHLNk1ilWcPVedzw1uvF9L7aRyo3BV1IKpZp9QtaxQZIg6NJQmSP5KpvKeHTzAsTR_EvQ9e4IkGakyNDS7F4jxxGJ95XAyVebwola9sjElzINK55isE9HMWLRnSsQiI0n3S898KAitSa6B0dgbko10VJWtmLH_gpiaPAkhi3GdQKb2YRmal-Jg&sai=AMfl-YTKQfCxQbr1OtkiOLLkNhREH23iIqLF8D2TTClO8fJRrpLKzIevJpab3qpCpmxMV69NqcOFSguULw3NFyGFDgDe0Uba9fdA3_xBphhXyq2vnfvvIRCD0bIknHJHHq4P7ni76D1KwSa4Co2EE4k5fhPeUS9TzdgwgZk9oYMzbBKb5MvkiVCyjwaq9tK6Vpon4BC5M-ta3s4XrDVnBhHcvxAVmej3sjaZWyGkuJvjlM9zw2X8WYqSmwW7ypSH6DtcjjXsAeh8tF3j0N3BBpOdb8cJ7zW2xoZSOMh2PWNGHkv_rkGZAs8VIc5B2VA8&sig=Cg0ArKJSzE3mJC6ObrehEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=751&cbvp=1&cstd=739&cisv=r20230831.08652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26C4 0
0 160ms
160ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkMBPG2mZCKC1Y23JV6CZqaqrayuuUKiVmA5E7HG29wQbOCyKIjospb5uZfEbb9bSa5eIhAWiuh_HR3M5fmodfo3PFGO9w-JpC1UHRbdgHxu7vYDHvzwpu7zc856owt7Eo8AozDI1CpExUFRqBPiy5WbQOK3Mv3pxwekrUCx96cv_N9vAcIBWQXJ5Rt1cSMMfQDxPWPBfv4xOq95CagiL-pfDlLR0jQ3MIbJTJ7JIJqZJBuEd1CIwY63gbSOyVqBdzcUpWjWb84CrXrfBT3N-AgG0CESy4o1iu1PlSHjYkiNxD2GceAyKHgWVIrsXp7bfjs7l3UI9kdDCA7WUVeG0acUPejg1HdEffbUdA9p1CqfunKkcDCTJyLhS4GSql6i52JxXkQARNuKO_CT4crhOvVOfYKcCz8B6sNiYtHMA0dHBL0MDw7KyjY5aoB95V0vMDHYrE0UILLpXZkz5g8lzp-j0KAWQ7a_sQ2w3itdc-Fy4lX612TFT0CyyzpWdgmu42OT7pLRjvjO9Lz3LRYDXAkL60YEp5wHPT7WePcstYq-S5XC-4Z15RqIJ3poVDzRkIzR1kMfPaJIpbUduGa8KqwudLFYjhPxv1LW170j1RbWYAGAztSESKgb2CvuygmML_K7kFoZeFacyATtnX_dFcFKSIxSGzCi1ORMiRtJRWYT_5VQcHDRIDAnSE_QcyLebZL5z1dMQ95J7XYJkdn5nEVOljj2aHG9KT_0P5OCSBNQFQu6vqI6k7xI-lVIUOPHstN_LgbGpwBTcRwsoy0pjSdPYfWuqjEOzc2goOBLdyusZubki6miLS2kYtgCK3YLhlUu8fx2p_VZIlc-wxdT2H5inJrTiO7ZEw6dAaUZTRjHUsEdQu0KnlFIW5Gia3bSJ2HO6wNK5jgssHE-ZL9Ab0RO4LSkx2eiXp0L3y0Q-kyLqwzU9Xy8YrE5_MON2qHmhEMXwccknAxrEdKoc0zwTarVd4AitH9BjSlClt4-50yM_Lj-hzKncgem7GEv3IloCKfxJh8yk9NHyV0cA88lJT7wErtks1yZvUhroX755_fqMaSlYvaVjnrh27CNctfQivgavgEDHhqlihMzM1opXhTJOw8NyKl7uBEa4_aJoF_-ZV00DUflrrWGtWHWWUR-z1eSRUF6AZJVrGlNPKszW09obS1lzNr1myIsH35CSg8-jUBISr3xYWf4l0XzU8-yLNjp3EzIGOno4S6nzaFbGKJCRf9_NiPKgWziCBM2O0EplUZ4jhWoqAw44X-w4cGhP-qUUhwKTzEbvrs0aruw&sai=AMfl-YSE4ja2ZwPgA05042JPLPChIG9YZQbtT0jAeKQydXVcM2jNSuXxCNXQlyu4aMyIuR-khIpqNAOiPFUIj2W30MluP_Zpa0D0DtCan2dAf_wC7Tc3VKfcvATYCfxASZ2Hh2UlmnjXZ8rH5x-O5NietF9iOq0YfH_wiYCnUSphlGhXVzLeIkOUon2xkb1LNIKhPf6j2Ild-lVDOOnn0xDi2U71MoBHYmKiEnUz-habXidQptYo34WmcGGu0khxLtL06dMsf4cKzNcH0rrWdkcd3AEDqQSBYYTm&sig=Cg0ArKJSzHb88IgYmuaGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=562&cbvp=1&cisv=r20230831.99197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Sep 2023 19:45:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:38 GMT

GET
H2 200 4561794492457212962
s0.2mdn.net/simgad/ Frame 26C4 41 KB
41 KB 132ms
132ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4561794492457212962

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

0b0d54955e49e4063c02e3f34a4905b517c58a614216b2204497c04695b1d9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:13:17 GMT
x-content-type-options: nosniff
age: 102741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41748
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Sep 2024 15:13:17 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0DF5 118 KB
40 KB 51ms
50ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 04:00:00 GMT

GET
H2 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0DF5 63 KB
25 KB 109ms
108ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 de_CH.js Show response
s0.2mdn.net/creatives/assets/4418759/ Frame 0DF5 132 KB
44 KB 58ms
57ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4418759/de_CH.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

a638d2453451eb4da25e3b966e967172a529e2885c5c0c1cd6273795deafcd8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45187
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 12:40:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 19:57:58 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 138 KB
23 KB 80ms
80ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

5be1e160981cc80e35524ee00b2cba56a5ea03b30e26c0f7f22f9a7cf62ef972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 474622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23928
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 07:55:17 GMT
expires: Fri, 30 Aug 2024 07:55:17 GMT
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1FC 0
0 107ms
93ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjckIsfoTxlpa85IUsoHm0cRwq0xGxz7tGdxiyWX8U3Esy750QOvRmlg7-ktNHXNGJf1X8PJXsQggPdIk07i447Ru7R6QGMpNO5pwhmYaI1MoqA92m7hPHliLrcBHzU9wp40_20fQde26pf0mLc2vrvaRxlS-dIzJ1gGjAHt3Kdtq0bI8RKfdrOUUlPqOQNviXiGU_wBYd8hRwk9D1pGFdZN1sh3KI-WF1Z_wRYypR3mdLS0_aQAvrIeOioVOTKHpm0sUspmDddWXkR1tHHrUPpQausgUwTUkn74qdBzqsZuz9ZS9EVwl6vIprhzTTg-dKAq3QKEj0i9zVxGSmjXxGaI9wrGhoGDqWpUuNqG2Nl7PqZDMxCLpW63hGIcRhly0qf8IpiN1lf9xSQR-4TtZZRHv29ddiykHsUwVI_ZMhEW4iJKlTEOY0z9aRjcJqqtLXoFHAUjOhmSuQzqg4kBp8U0fgImPzV7btyHnYtxko0LE6tN-TUmlVP7U6CkUSfi5Nt9D7hYgKKJ-UFAuX4AwIBN9IZ8jmJxOgvClgPpu6ufuZNywioY8YnI5nh-Y3zfVHRX4BmI0X85YpDhNaBmXarvJPM0EPPNVzzyPUg4XivY_XLZolc3PL4V_EsjA1VJMf49xHtNsDZJ-Rb9L5ntp1L6YvL3PVT6wY4nRm9BDopZFfozXbZnVmD6ZySWSR3162OTxOUR3BsLWTyN0ElU_I4IPBX993l9P7xf3llyGlXUUyM3gXRIGvBDwHoY9Ned2MrzLDTro2zgpA5Ko-VvrQMyUP7TZX4N_iMDTqDYrjB1qf46P8uG5hN1G3d9LJ9c6oK7baTYyEs-_Cwx69J68ir2WvpKE-QfdKdx3cUqh0bb4keKgrK1ogX9Z0eplicmnYStGBtcxjazKAh5EtMZlsilvWiquDu_vVb_bYnFUDbYxdX6x4Mr_ZJUcohVv41b6mbuCaJJdZ8368JL3nyCRrSVRMO9VJrRA5OxXmNMpwuxUHa1_iDDDIKB2XqrJVFoXSDewW_pN19FTZgqeTCq63S_HnTZwh9N_dwDgnqoEv-uNJBD_eySz5epeE4luCfVLf_WtzPNLCpnKHEUfdyiMXKSCXwIkN1fphpeFrPfMKBH9jyHmzQcXe2rdYLrEfGd3hz8Wi_uKFTK8y3eaijA5T7BEaWTO3aATTvQ9ww0GM1qC1hpBe6kBByZeFf4CrbHGbw1OSwAaxwGUJRlv5fFMtfRZMoqznrPtY2-S22Ecz_vuoDi0YrArpCiO7qS3r78ymKoAlBPxz_0XcLJWlvnPFkY_9NJy-g25f6FDAe_ssHCQ&sai=AMfl-YT2hUCWzHwqyqUvahy6k07zWAhfJjHu_OQFtoqyvrDtN9V7qHZiUvDSbqxTWDIXD6SndZELdeu-XYa2YcHbKeespbFjeO3O4YxR7a6khY1WNmTHw_QbULHcS_cuanXP20xpUllRpYEfUUpjHkSynvXaBnr133yKklvmc6jExS6CV_zHyZ5M-ezqYBA_YNhbCMg0djAiEcqgRzJeo7KfGmHARaPSyGQOm_RVKn5pe-AsmYN-iheGXrIJHzkdPs4RQbM8lSnjmFq9CTS1bUtbMfBxYPD2915A&sig=Cg0ArKJSzAIoI0AVvwZREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=752&cbvp=1&cstd=748&cisv=r20230831.00426&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CAE 0
56 B 173ms
171ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxEzTYIX3ZNGYI_u71fAP4ZSzoAkAAAAAOAHgBAI&bg=!y8ilyIfNAAYHwnCgJ8I7ADQBe5WfOLALvHcmcmREtO1YoXZQ9JKfjQ2KDRaXXm3GqQzGpr058UPS2P-pfhCMNwcEBEN5AgAAAo9SAAAACGgBBwoAS1-sVFdBvVYowwub3ICtsbPbDM9TU3IsLMLD7UPU3kM3zN6Zo21x4izpLtO7Pc7WZQ_7fmAgOIGdQ03T8Nssp4NfUN_MCe7Nvt6DmZkDDzFDNxqVj-dijMHL2NkyubldBF4XqyNFFTKpTFdDqWLD_ybBKHUmHo_JH7hc0LwNs-dp0v0EKnx8N5rbC4ZGalhjBv3aGMs6fjnsz8jF_vWdv7ELNQK-ysWD__p378XqaGLfyQTE2RBTUmrPdARSyFbbdFg8t0e-gXUFDeGR6T1SL1OULoDi_A0Y6fMMx-koMnozWbuHgrsBv-KjbdV6FOro2c-5LY7Z7cMJP7w85vJ-oANsQfN8hphB_csNybUFK7pFNHh2RDzWtE3gkpg8CotqFrAjMVaE-uN_X9VEex36e9u-GF25kbDhLcicpS5I0Zj7DfeMoLd-Lh3pAZxSi6iXuLTkIMcaC99ySpbmW22x3EHWc3XcdKbheXqHyjSORKk0kiY88n0sNFjHYpD-WjzpAQS-WhNnAZJq9SuwreocbhYB6aT_jQ3vcJn_T_JTEgxJUMhiD2R1MHunKa9jMv_Wy35at3Q6yULvS7GjLXG7NqN0IjW4vErQotTEHrD2XNc_Zdjc55kXj_cKfxNM69jkGkcZPv_NqrWEz-ABvZXBeMt9SUoFCDzF82yl9XJmTNhUIty4c6VYgoKJ19pJ7HCKrcG3TJAULny-KgZXrzvmESAlz5L5ctlpbp3kEvFF3KEwXQbaYjTIcHD1DgIkB-jCs0BTizEbvT2K7-vIUhBB771aUb9ISiZ6dUwtLUYM-5zyIz6rcKd0Hw3r21dhYr_5LS1I05IRNB790bPlurboHXXDkGrw5SeLMwcctI9oOXgHpm6HFS-h-56ljFM4P-LP-YWjDKvOGhB9quk0MJtgHQJBcmFv8ohzB3a-0dc0nUyOeYPUHQZGeMKsQd6vFdAs8agwHDt6VajKErf2S30gC8XyJMXSFH-YZfqs6vbhMxHoolvaDjvm3w4csVWzLfLwiU6Z9tCunGMmjUO4oQGMunKphR-2r52s5-at03GxYbGHZfgbUbCSjvzki05POStC9GYB05zXCk7U97b2vLMxHvk__nR623aWZH8es94gfQE75OWZ8TX3lVtji-Pw9g

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0028 38 KB
15 KB 56ms
56ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 14:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14792
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 14:28:41 GMT

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EA6 38 KB
15 KB 67ms
66ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF4B 0
56 B 164ms
164ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B56C9YIX3ZNG5Ipyn1fAP8LmwkAYAAAAAOAHgBAI&bg=!NTalNnnNAAZnwVY5R8E7ADQBe5WfOEm9FJ5G1N2kyEvBllIKx9bETZhaafZHv8Cr2bc_il1rbtDqA39984uDNjuMUzYvAgAAA9dSAAAABWgBBwoAJh0qP0UBgrtwEMNmHjsxG3Id4W0ZknhleKqwIkx3rroNOCi6cCwMmQMSoYI21D362o5Xueivn-prsBCSeZe_UomM8w51OLzsctkBpkclKg9YY-oRqsch8y7DMiFAvcfxYYPPkg3-wujH39vkjfSumpxGLaws3_ow5lOHQVdY-9OYCKO6z6eIwcHlQt4Hq980GpTXAuGUbB55dDioZ9Xeal5hZf18Ycq2E-EsnInVioV2wgUZw9wyW5FzyFkiEVFqK9wcM5mvfeFq-B7VSph4UJE0NGbUKLROkBWh9iacDzJTDCz5FdxckpmVRSp57MIUPGDv_PeAcRzxNaVS-gYGR0qjwzXpBHYq4Dm_E_yfDzxyw1eCFAFHrlCC9DwIpNq2YLG8QPsdByR8h4FggYbBvVY9bUQqCKJlP-zyntoPgS2KFxcqLiDQ5gRtJ6ZVtuLOQfJlaRZd2hKbRygk3O9Tr9IK76bcM6EA20n6-a5LLw_IwYLH7smCjQv7zg_NyYznB-4Lfo14FcFnWK2pNvsfSPc0CGcI5sxY-8X8CJZPMvxFyK1ZCm-j0UxQQHzvWe44dhHMh-xrlgatveye6MJIIFe9sB1eihKl3iEJ2XDfrX3WuME-LIxCJB441fHQVRWpMWisCBNG4QLRGVDaLV4sVhotEhYWdaDfaB4y8B7DchlM2j5_7TziCggmNfCJ_HPOBYRJMNFGUYcOqxCpcR1-VJUdu-uoKkUrUKjLm0r3Kc_4BZyS6MK3MruO71Je4GU4sz4XUnP6-WrwnJ4rlR2xhlVoaVdsvecGkcBiRV4b7T_vf9Hddl2_fzseB4lGlGqS9pTOLELXRM7tT-N1dEm3O7Jy1cZOgxPXSYaud_cDyJm96Rdm1ZKtSZofN19bGPSAY74f6xdvYuWCrFsLxqgRN_DAcn-CciKKbNH7JfgObm2rE6tkduPspnLsjauc8MD7rZfocY9F9yabv_PgP4fC3HVFT2mJOYqmH47RSFZ9omjscQJHRcU0tuTg32D_m7MESX8t5LXBN_P4OsHsuBJLWlV14fqTbtWDS2QFafjmeuHldtOhelCkppecy5ohn_37W4_a_00xoNZpBGAR

Requested by

Host: 45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
URL: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA2B 42 B
174 B 1043ms
165ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuC43E5k2xF5gwEOgH2pyQe7ZYeNvwPqzvGlP6P5286QbD-blqgh5US8QJ2-W3cXdOh6jodMhqF2DCUW4RH5Y4f1AbJVe8v-L1A4DCdW1A7crayV_uFUMl6dRyQhStx3KQm4oI8SsQKw&sai=AMfl-YT1TDBQXYcdo-2anRFdoxVqpcIl5qTN7Pz9KUUJPoc5qKNmh7gJ8GO_x7DMHOQZp7KFRPfgHz6xjw9Xz1mW0zVJ5DOWWVt2c2l_DkeRMCBfRjhMVTqhqldHSPMGhKRNz2DtIkV5OiOk7CG6pw&sig=Cg0ArKJSzGMCaPmh1um2EAE&cid=CAQSTABpAlJWly_E3JSrE11SWCix5QmTF9IKra2E9vXatg4IO7dCx1UqYOunvUd3AXwa-LwbDk8h4eVrXiLmYwMzx_Ev0kxXt-c8vAJg5McYAQ&id=lidar2&mcvt=1040&p=1110,436,1200,1164&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2708986379&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693943137127&rpt=1159&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D7B6 29 KB
10 KB 48ms
48ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 14:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 14:31:30 GMT

GET
H2 200 de_CH_brandanimation_infinite-halfpage.js Show response
s0.2mdn.net/creatives/assets/4420917/ Frame 0DF5 144 KB
83 KB 81ms
80ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4420917/de_CH_brandanimation_infinite-halfpage.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4418759/de_CH.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

c6a6d47a41718d63c6bdf2acd3e10a14f60e79f6596f309e1dfda30387072d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84964
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:17:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 19:58:59 GMT

GET
H2 200 destination_grancanaria.svg Show response
s0.2mdn.net/creatives/assets/4244927/ Frame 0DF5 6 KB
2 KB 80ms
79ms XHR
image/svg+xml 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4244927/destination_grancanaria.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4418759/de_CH.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

1668bbb6cf3e9493da5e1658df74f8a132f306faebcaaf6ed23f8d0bf937206d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 14:28:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 19:47:26 GMT

GET
H2 200 infinite_300x600.jpg Show response
s0.2mdn.net/creatives/assets/4264615/ Frame 0DF5 35 KB
35 KB 77ms
76ms XHR
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4264615/infinite_300x600.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4418759/de_CH.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

c7d921ee1b37cca1a5d90988580871380701061f473e5fa26dbcaee18551f604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13179821770684833485/index.html?e=69&leftOffset=0&topOffset=0&c=X6uhRLNEZJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:43:59 GMT
x-content-type-options: nosniff
age: 100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35997
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 08:55:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 19:58:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0DF5 7 KB
6 KB 974ms
161ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7aac2629fed332dd5892213abe135a7d3f8c66bfef3f8c62f5a03c2d83d31904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5725
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26C4 0
0 138ms
136ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkMBPG2mZCKC1Y23JV6CZqaqrayuuUKiVmA5E7HG29wQbOCyKIjospb5uZfEbb9bSa5eIhAWiuh_HR3M5fmodfo3PFGO9w-JpC1UHRbdgHxu7vYDHvzwpu7zc856owt7Eo8AozDI1CpExUFRqBPiy5WbQOK3Mv3pxwekrUCx96cv_N9vAcIBWQXJ5Rt1cSMMfQDxPWPBfv4xOq95CagiL-pfDlLR0jQ3MIbJTJ7JIJqZJBuEd1CIwY63gbSOyVqBdzcUpWjWb84CrXrfBT3N-AgG0CESy4o1iu1PlSHjYkiNxD2GceAyKHgWVIrsXp7bfjs7l3UI9kdDCA7WUVeG0acUPejg1HdEffbUdA9p1CqfunKkcDCTJyLhS4GSql6i52JxXkQARNuKO_CT4crhOvVOfYKcCz8B6sNiYtHMA0dHBL0MDw7KyjY5aoB95V0vMDHYrE0UILLpXZkz5g8lzp-j0KAWQ7a_sQ2w3itdc-Fy4lX612TFT0CyyzpWdgmu42OT7pLRjvjO9Lz3LRYDXAkL60YEp5wHPT7WePcstYq-S5XC-4Z15RqIJ3poVDzRkIzR1kMfPaJIpbUduGa8KqwudLFYjhPxv1LW170j1RbWYAGAztSESKgb2CvuygmML_K7kFoZeFacyATtnX_dFcFKSIxSGzCi1ORMiRtJRWYT_5VQcHDRIDAnSE_QcyLebZL5z1dMQ95J7XYJkdn5nEVOljj2aHG9KT_0P5OCSBNQFQu6vqI6k7xI-lVIUOPHstN_LgbGpwBTcRwsoy0pjSdPYfWuqjEOzc2goOBLdyusZubki6miLS2kYtgCK3YLhlUu8fx2p_VZIlc-wxdT2H5inJrTiO7ZEw6dAaUZTRjHUsEdQu0KnlFIW5Gia3bSJ2HO6wNK5jgssHE-ZL9Ab0RO4LSkx2eiXp0L3y0Q-kyLqwzU9Xy8YrE5_MON2qHmhEMXwccknAxrEdKoc0zwTarVd4AitH9BjSlClt4-50yM_Lj-hzKncgem7GEv3IloCKfxJh8yk9NHyV0cA88lJT7wErtks1yZvUhroX755_fqMaSlYvaVjnrh27CNctfQivgavgEDHhqlihMzM1opXhTJOw8NyKl7uBEa4_aJoF_-ZV00DUflrrWGtWHWWUR-z1eSRUF6AZJVrGlNPKszW09obS1lzNr1myIsH35CSg8-jUBISr3xYWf4l0XzU8-yLNjp3EzIGOno4S6nzaFbGKJCRf9_NiPKgWziCBM2O0EplUZ4jhWoqAw44X-w4cGhP-qUUhwKTzEbvrs0aruw&sai=AMfl-YSE4ja2ZwPgA05042JPLPChIG9YZQbtT0jAeKQydXVcM2jNSuXxCNXQlyu4aMyIuR-khIpqNAOiPFUIj2W30MluP_Zpa0D0DtCan2dAf_wC7Tc3VKfcvATYCfxASZ2Hh2UlmnjXZ8rH5x-O5NietF9iOq0YfH_wiYCnUSphlGhXVzLeIkOUon2xkb1LNIKhPf6j2Ild-lVDOOnn0xDi2U71MoBHYmKiEnUz-habXidQptYo34WmcGGu0khxLtL06dMsf4cKzNcH0rrWdkcd3AEDqQSBYYTm&sig=Cg0ArKJSzHb88IgYmuaGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1099&vt=11&dtpt=537&dett=3&cstd=1094&cisv=r20230831.99197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/12495124699423559641/ Frame DEAA 21 KB
5 KB 63ms
62ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

671300a57423552c88117f1a28159cf7bbe590a9842d78c3f9eccf5f3ddf8b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 102737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5000
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 15:13:22 GMT
expires: Tue, 03 Sep 2024 15:13:22 GMT
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1FC 0
0 152ms
151ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjckIsfoTxlpa85IUsoHm0cRwq0xGxz7tGdxiyWX8U3Esy750QOvRmlg7-ktNHXNGJf1X8PJXsQggPdIk07i447Ru7R6QGMpNO5pwhmYaI1MoqA92m7hPHliLrcBHzU9wp40_20fQde26pf0mLc2vrvaRxlS-dIzJ1gGjAHt3Kdtq0bI8RKfdrOUUlPqOQNviXiGU_wBYd8hRwk9D1pGFdZN1sh3KI-WF1Z_wRYypR3mdLS0_aQAvrIeOioVOTKHpm0sUspmDddWXkR1tHHrUPpQausgUwTUkn74qdBzqsZuz9ZS9EVwl6vIprhzTTg-dKAq3QKEj0i9zVxGSmjXxGaI9wrGhoGDqWpUuNqG2Nl7PqZDMxCLpW63hGIcRhly0qf8IpiN1lf9xSQR-4TtZZRHv29ddiykHsUwVI_ZMhEW4iJKlTEOY0z9aRjcJqqtLXoFHAUjOhmSuQzqg4kBp8U0fgImPzV7btyHnYtxko0LE6tN-TUmlVP7U6CkUSfi5Nt9D7hYgKKJ-UFAuX4AwIBN9IZ8jmJxOgvClgPpu6ufuZNywioY8YnI5nh-Y3zfVHRX4BmI0X85YpDhNaBmXarvJPM0EPPNVzzyPUg4XivY_XLZolc3PL4V_EsjA1VJMf49xHtNsDZJ-Rb9L5ntp1L6YvL3PVT6wY4nRm9BDopZFfozXbZnVmD6ZySWSR3162OTxOUR3BsLWTyN0ElU_I4IPBX993l9P7xf3llyGlXUUyM3gXRIGvBDwHoY9Ned2MrzLDTro2zgpA5Ko-VvrQMyUP7TZX4N_iMDTqDYrjB1qf46P8uG5hN1G3d9LJ9c6oK7baTYyEs-_Cwx69J68ir2WvpKE-QfdKdx3cUqh0bb4keKgrK1ogX9Z0eplicmnYStGBtcxjazKAh5EtMZlsilvWiquDu_vVb_bYnFUDbYxdX6x4Mr_ZJUcohVv41b6mbuCaJJdZ8368JL3nyCRrSVRMO9VJrRA5OxXmNMpwuxUHa1_iDDDIKB2XqrJVFoXSDewW_pN19FTZgqeTCq63S_HnTZwh9N_dwDgnqoEv-uNJBD_eySz5epeE4luCfVLf_WtzPNLCpnKHEUfdyiMXKSCXwIkN1fphpeFrPfMKBH9jyHmzQcXe2rdYLrEfGd3hz8Wi_uKFTK8y3eaijA5T7BEaWTO3aATTvQ9ww0GM1qC1hpBe6kBByZeFf4CrbHGbw1OSwAaxwGUJRlv5fFMtfRZMoqznrPtY2-S22Ecz_vuoDi0YrArpCiO7qS3r78ymKoAlBPxz_0XcLJWlvnPFkY_9NJy-g25f6FDAe_ssHCQ&sai=AMfl-YT2hUCWzHwqyqUvahy6k07zWAhfJjHu_OQFtoqyvrDtN9V7qHZiUvDSbqxTWDIXD6SndZELdeu-XYa2YcHbKeespbFjeO3O4YxR7a6khY1WNmTHw_QbULHcS_cuanXP20xpUllRpYEfUUpjHkSynvXaBnr133yKklvmc6jExS6CV_zHyZ5M-ezqYBA_YNhbCMg0djAiEcqgRzJeo7KfGmHARaPSyGQOm_RVKn5pe-AsmYN-iheGXrIJHzkdPs4RQbM8lSnjmFq9CTS1bUtbMfBxYPD2915A&sig=Cg0ArKJSzAIoI0AVvwZREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1019&vt=11&dtpt=267&dett=3&cstd=748&cisv=r20230831.00426&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26C4 42 B
108 B 862ms
170ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSdS9UhTqsK9njf85p49YQ4dnv_nJryd9osha0ywOVAFsbTs2mdxJ5OPYf3fhZLmvWBjE73UaXmjcmzb6zRaayX8_JJLCNUeyCcgpqsjIt28OcSTB2jyfhpPZZZvv3UKYLbV6NnqCWAQ&sai=AMfl-YSzDxm1cr1GACCgYScfhtmQ0sV9WLB9htO0LhkrFCeBrqsZiDkO8kg5ndjk8F4Rf2RzYCaGMcmeaRTQigOg2gfsgE-bayXAGHaV_nCODR6GxCKr8CRk_RE5GgoNJVy9IERDRNfbY62uGhxC&sig=Cg0ArKJSzGtm1TtiynO5EAE&cid=CAQSSwBpAlJW2uQ_zT4Mtac_KurT_3TPgsxHbkPIl4MjzMnR3U3bKk-2WgCiqiWteIJKUsWbAwR0fO_667flQ1RooYSYPNewx4z4h1NX8RgB&id=lidar2&mcvt=1034&p=611,425,811,1175&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365977148&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693943137044&rpt=1442&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5c2b668e57b83532ec1d10f02eb7f688.js Show response
s0.2mdn.net/sadbundle/12495124699423559641/ Frame DEAA 134 KB
38 KB 83ms
83ms Script
application/x-javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/5c2b668e57b83532ec1d10f02eb7f688.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

7551a231a7fea17d4013a2664e4cd7227b67b47d265c2a179fbb0150d264d286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39005
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Sep 2024 14:04:18 GMT

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 68B9 38 KB
15 KB 72ms
72ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
DATA 200
OK truncated
/ Frame 0DF5 29 KB
29 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7405f28e16005797580663b5fa22bae4bfa88be920c39e18020ad1e83fbe9efe

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ Frame 0DF5 31 KB
31 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25348a5ee2ab7addc445a695634fee0b8e2ee566d3aa8485ca9cbb593f4b0eeb

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E1FC 42 B
108 B 761ms
165ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNQO9YURgw-440c1v3NzYvngScCDhMpiRS0Cm2qVVIzliL1LBe_pINoh75_73BmdbnpbiXHBaNRvEX_PbNd4AO9xF-iWfcEAYzMmY3besbU8W0Nw1Iyg_7Ne353oOLTD63ta2AwoMWfw&sai=AMfl-YQnO0oLtjyEabpeQ1v3Iry84ikud_rLEIa1aVgGNC4E9Zr1Tm-L1Ammfy_e3_Cu5_hWek1k46xHNc1v5dYFN5IDf5B7y_KNHW744l9QiApan7sBY4xdYYj96BFkIJeJDn_yPvEbtpA73mKB&sig=Cg0ArKJSzGSHmAs4lDLcEAE&cid=CAQSSwBpAlJWaz8F0yzXV6JTSVZYu_KEVq6cdalbHw_JywAKNB5vP7J1fOG37hhPJFF6V0b_Oy1hkxDzuN-ZMHX0KCpaXkxzzWfWwd-eCRgB&id=lidar2&mcvt=1026&p=231,315,481,1285&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=554408032&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693943136985&rpt=1620&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0378 0
0 176ms
175ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5W1f9khRPbPsqMJmuueMiufnWbcKj9a36Iz64mnb-yPECtbz9RMUL5ey3juTWVUTUnzT_YABDvip1iRNpZAzD10AXfQR1rJd3ozPwtv_4qe3S-VxHMJn5o9fKH1BwCuEgoGLgMmzlyD9FNk3Wgq1yq4Ay2_spsoZruqH3WvqdTagARvJTkAODFBpa0WfeiEVbrgLGZtK_VizWrZ4tlbAl45bXu-6Kf_CEZ7svoBzIHiq2BJ_vI5Fk-WgNUGzxoJhnGdwhwJzrpTzd3ojLozeHpkmrv3DxaR0SzqsCVgF3y1IwSeDUW6v-AjylB-4p5mdFzZCETqF_Wi8PExWRjXRZVdmlMHnH94qcrTSa-Ze5KMcO0MgYfGk-psulKHxfUI4qVaBAW7xkWGz2pdS9a5d8jeY013OUtfJgesOr_YifGAU7y2uc5I9mUc2u-hbIyltffchhAJ0gZUABJFnye8GYPb9fdx2aasbFIACQU2G4sLAQTh79ohZ_nyOp4ilcMXQk8Hd9j9GYV2vncyHzYbPiUq999XyKAg6ohQkQhCVJJNTOGOvPVr-TVjUPXqrfurAXxyatdM7y-DmnRjtLeZe3W4Dt2gvzCjEqpcGufH6XWrbAJMF5B4hRlIf3tGDrXssDY0OSUXz3IphmDX4_h6Z5o2oxjy0W94G8iPdl_wCBZ5FPbO6jn55iOMRNEX5mex9ZRSMRc6djl1RMPqPMZ1wI3v3vQNRDDrAN7VZvVkGE2gqnMqBHK5MRQhfkulNvBjnlVipEqjECpd-amtkGdXHYP521qr8hFgi9naoNnjpcTq2bmpfdldaieuvNr0h7xR9ass2P59V0rRKavBzyCBhjEa9TiZQ1Hn9cFX1EyQtjVdNG4DdE83p3meH9oJPVxXWxllkiDlxoJKjjfaeKGrkeEdC0jpDCJLN70-PChzdr-a8uszLOMV4euprYbV3joLzw3IHb8bTnK7OZk-ipi0uOwh57LDva9ehbFEldY9eCp0-teP_BOZCUnp26MuZkBV8sX2NRsDNOH9c2JkwlhZfQVMYAfZzhdxHltMgaXEIwjEYoieRssLjBG3cfXfFIpyhtq7l7HSmNyngVRDtkKQWb9MQbhgePxSm9TV6uMCDogY7DsgOCra5OOCQMMEJ-vQb8wMywrml4JAAWOlVFU88b0gIpqHYYbL3yWUyO0LCBCtkhE8s33mAPABHlVHLNk1ilWcPVedzw1uvF9L7aRyo3BV1IKpZp9QtaxQZIg6NJQmSP5KpvKeHTzAsTR_EvQ9e4IkGakyNDS7F4jxxGJ95XAyVebwola9sjElzINK55isE9HMWLRnSsQiI0n3S898KAitSa6B0dgbko10VJWtmLH_gpiaPAkhi3GdQKb2YRmal-Jg&sai=AMfl-YTKQfCxQbr1OtkiOLLkNhREH23iIqLF8D2TTClO8fJRrpLKzIevJpab3qpCpmxMV69NqcOFSguULw3NFyGFDgDe0Uba9fdA3_xBphhXyq2vnfvvIRCD0bIknHJHHq4P7ni76D1KwSa4Co2EE4k5fhPeUS9TzdgwgZk9oYMzbBKb5MvkiVCyjwaq9tK6Vpon4BC5M-ta3s4XrDVnBhHcvxAVmej3sjaZWyGkuJvjlM9zw2X8WYqSmwW7ypSH6DtcjjXsAeh8tF3j0N3BBpOdb8cJ7zW2xoZSOMh2PWNGHkv_rkGZAs8VIc5B2VA8&sig=Cg0ArKJSzE3mJC6ObrehEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1501&vt=11&dtpt=750&dett=3&cstd=739&cisv=r20230831.08652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/cibfu37za2d1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
BLOB 200
OK 130451ca-a43a-4f35-b8be-2b67a13a7602 Show response
https://s0.2mdn.net/ Frame 0DF5 6 KB
0 XHR
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/130451ca-a43a-4f35-b8be-2b67a13a7602
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4420917/de_CH_brandanimation_infinite-halfpage.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1668bbb6cf3e9493da5e1658df74f8a132f306faebcaaf6ed23f8d0bf937206d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 6084
Content-Type: image/svg+xml

GET
BLOB 200
OK 6fe8a551-395a-4e57-9f83-099cd73dbd5a
https://s0.2mdn.net/ Frame 0DF5 35 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/6fe8a551-395a-4e57-9f83-099cd73dbd5a
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d921ee1b37cca1a5d90988580871380701061f473e5fa26dbcaee18551f604

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 35997
Content-Type: image/jpeg

GET
H2 200 cta.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 2 KB
2 KB 82ms
73ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/cta.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

ef2302076e84edabf24a17155c3d0d5e162c07b82d0e1b76f647bba68e4c5d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:20:51 GMT
x-content-type-options: nosniff
age: 1488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2324
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 19:20:51 GMT

GET
H2 200 a-g.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 14 KB
14 KB 602ms
596ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-g.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

8cbd57976b302987c53e46e63692739122ffb921401dbf2f7820773808d4c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 07:51:16 GMT
x-content-type-options: nosniff
age: 302063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Sep 2024 07:51:16 GMT

GET
H2 200 a-g-innen.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 7 KB
7 KB 139ms
133ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-g-innen.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

1b0d5c7c580159888574dc455c537588a838751dd155cd164b884d6521341d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:55:08 GMT
x-content-type-options: nosniff
age: 474631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7142
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Aug 2024 07:55:08 GMT

GET
H2 200 bild.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 92 KB
93 KB 392ms
386ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/bild.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

c2798da552ae859878af181355f18726e43e2192759b5c9001ab7181328a8328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 08:08:55 GMT
x-content-type-options: nosniff
age: 301004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94610
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Sep 2024 08:08:55 GMT

GET
H2 200 a-w.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 7 KB
7 KB 604ms
599ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/a-w.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

30bf44ce56bb42d0e100bdb5531f4bc2eaa537b154087d8f113e89395795efdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:22:46 GMT
x-content-type-options: nosniff
age: 1373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7094
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 19:22:46 GMT

GET
H2 200 blatt.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 70 KB
70 KB 537ms
531ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/blatt.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

b0e6c49f049e369bc42b758e2fe38cde2cf2dd3e53c285b2f7cc1f19568f355b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 20:48:41 GMT
x-content-type-options: nosniff
age: 601018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71407
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Aug 2024 20:48:41 GMT

GET
H2 200 4.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 4 KB
4 KB 600ms
598ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/4.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

9bef46f75f10da65be6e193f3eda991beddc861b16b1a7c991a1cfdcde3afb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:55:08 GMT
x-content-type-options: nosniff
age: 474631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4257
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Aug 2024 07:55:08 GMT

GET
H2 200 3.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 7 KB
7 KB 535ms
532ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/3.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

5eb20efe30d972b439f91320bec21fefa719133df892bd182da292b18751506b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 06:28:15 GMT
x-content-type-options: nosniff
age: 566244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7544
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Aug 2024 06:28:15 GMT

GET
H2 200 2.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 7 KB
7 KB 599ms
597ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/2.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

ba3abef08ee0039372174c3d4c0d42744f4a7fad74558c9b69f29aa921bdcaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:07:46 GMT
x-content-type-options: nosniff
age: 596273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6831
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Aug 2024 22:07:46 GMT

GET
H2 200 1.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 18 KB
19 KB 200ms
198ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/1.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

c76bf72752334db75f153221a6cf4bf22fe14c2c8c610ce37e792dc94d2fdd4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:55:08 GMT
x-content-type-options: nosniff
age: 474631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18936
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Aug 2024 07:55:08 GMT

GET
H2 200 mask.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 5 KB
5 KB 200ms
198ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/mask.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

e19ceefaab32dcb61413b77c608bd86817173ca4b3db0e40cd225db78e6d950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:19:34 GMT
x-content-type-options: nosniff
age: 55565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4673
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:19:34 GMT

GET
H2 200 logo.png
s0.2mdn.net/sadbundle/7243361920310055803/ Frame D7B6 6 KB
6 KB 199ms
197ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7243361920310055803/logo.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

98b27de30387307b506599f10749d0878781aa011b92be7ac78a50660f18fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7243361920310055803/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 06:28:15 GMT
x-content-type-options: nosniff
age: 566244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6108
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 16:26:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Aug 2024 06:28:15 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC3B 0
56 B 172ms
171ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC_fJYoX3ZOmzApSl9u8Py4GomAcAAAAAOAHgBAI&bg=!8POl87zNAAYHwnCgJ8I7ADQBe5WfOLSTWV2MWuYI5NPO_VvH1V5eGvmtD_F99Iku0CvR68yXO6W3xG3zZ9_9U-VnMaHSAgAAAd1SAAAACmgBB5kDDpzVZb7AzGe3ixHDGIHNYrd4nqH6O3b_QY46AGjXh09lBPjhpwRrc0HUF51dNNmUGgZ3f7WaZ_ZZOJ978EwWYA7oqXKbjrWR3eLagbf1VbjmAerStU4hvs0PFT8a1qjTGSQyquELXmjXqIpz1X1RPPLGac-24CE5CxaYLsxjbmqWL0fzWQfnniUgVuy7MBR9Cv9CkEuED9JL7vPDsvBYHb3mXPtpiWFEYfmicgtJDl-xg8vvwZ8u4rF4zC2RfCf-Y8YcK43EAAtD8Gsu5T_kyTdq3eID4rjJSFtN2KiXPt_0FWbQJye9wGO6wpGLhSfnXDmJTg0YGJTEYE3EXsUo4U2QJPoYiNFmZIlMR2DaLz4JU5EaFDN0MEFJR3wouJiLhAJdey_RquWUDqgaPDZBWYvwB6xuQtuqE9eHivuCsDieKsY606pU9KFA2NSz143RCZleOB72Hkovh3uWJEUaDQRclf-tIznalJmFk7qPCTWhmKD1FPmqS30qlk6DRvMorza2-N1k6OPYr8qTD-ZXuotneF0sAWBo_v8BbN8dd5bphbIZ6G7-xStcW_q-VUVtXUpNyQtYP3i506eFFrA1gvpTufGL_6ZWemqIQT3YRNkgnfm7SoTcYUojmGujd63e_jSN5UEN7v-OFATdY22vyLp8iWLkl1n5WHh8SGnisTtAepLlw1NMIXjSB2sHyjLNzh4wkBrnPAWr-Nh2hHzxyB6hlpkR3bl5Co2mtGjUU0j8DjnTLhzTp6SnDCdxhwyzUZkvg1MJx_rBRSpBDzN3HLjlIBW9I3gdkATzQo5K5bgfmpHTWjNBGUsweCgC48vRRWXU_0UREgFKXeI-nSSKrK6yS5_t1quh9mPx9s5KTmP2Utzp0q12y0ICjXK_SMVkb6ywgN1NVYqFmKyRnB_nUyR5GbDMrPVGW1M3C473fcrEr0BID6lSs1D3gNkywb5hLprYfenNJaan2XwsPnBoVpbtUxI3wSvhDbj0FcHrvcauf6PzzpGiMdE2ej7VAOHpbhUh2ZsZXw9XSTIMWqXL

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DEAA 2 KB
547 B 97ms
96ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:700|Barlow:600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/5c2b668e57b83532ec1d10f02eb7f688.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

a265789ef1ec12988698e63db64ff9d12ba4eed6194f7ce3e148c8d55d47341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 19:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 19:45:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 19:45:39 GMT

GET
H2 200 5b45367b166ec8791e86c5f7d18157e6.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 18 KB
19 KB 535ms
534ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/5b45367b166ec8791e86c5f7d18157e6.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

af5f139c847d9c7c7635a6c1d177a52c66431a13aeccb4b45ad7120b1668bdd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:13:22 GMT
x-content-type-options: nosniff
age: 102737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Sep 2024 15:13:22 GMT

GET
H2 200 df8066e891cad15d471d1cbee68ebd37.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 18 KB
18 KB 535ms
534ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/df8066e891cad15d471d1cbee68ebd37.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

7185d9a8b40e31928fe49d1662a786d7bd33fb9bca01f89dfc1bff04dfebc66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:04:18 GMT
x-content-type-options: nosniff
age: 193281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17947
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Sep 2024 14:04:18 GMT

GET
H2 200 0a6adb9daa124e19aa0d33dac4e046e4.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 15 KB
15 KB 536ms
535ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/0a6adb9daa124e19aa0d33dac4e046e4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

0df06db86a82d7b55463c3b514020d665a28e687223adecce5817a40c1966eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:13:22 GMT
x-content-type-options: nosniff
age: 102737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15606
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Sep 2024 15:13:22 GMT

GET
H2 200 220fafc964440bfd6490cd3d7c203519.svg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 3 KB
1 KB 534ms
533ms Image
image/svg+xml 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/220fafc964440bfd6490cd3d7c203519.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

f8f8293a3850c93804a33a41b293edbd427c3d104e4e9d4cd27b9a9092a0309b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1417
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Sep 2024 14:04:18 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0378 42 B
108 B 479ms
170ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGECD8FQEqDzK8IjgoepAT5tg872fKAbGsYOo-o2nyQUs8v8liuvEWQs8Qt8Rc8DtJUvT74zWEw0gpe-Uf96-HyPwepEpRC1rE9fs4_rUUFP8BCbn6nuG3dsBsZh3jFO8odGHh405z3g&sai=AMfl-YRN1zpSCQWD44sytaJBKJcJd9Yn2aIvOZpLqFrcBYz2lijN2GSMMa-nmcMeaw_yfsglyKc-bz7pErsgWe-sGTZ0j8WIvZFJ36SEIL0d7wmZCUj467df1OY06qu8RPJWaE1rjF_8I9ksbgmWWA&sig=Cg0ArKJSzIJpDQZrDBr0EAE&cid=CAQSTABpAlJWAZHZHSQNrI_m51sIrGXRUkUsl4aCNe6HgiZLRMnmWg9SeLkKmYACHJ2xXBtWGyGTVwzwpxiwlIO2LEe6cDdyrs4W1V-Bu3sYAQ&id=lidar2&mcvt=1016&p=1074,909,1114,950&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3992249615&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693943137173&rpt=1163&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0028 0
56 B 200ms
199ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQWxIYoX3ZIOtCYSQjuwP7uSXmAUAAAAAOAHgBAI&bg=!_P-l_7DNAAZnwVY5R8E7ADQBe5WfOKPThAaq0FxYkpUxM3GFwgfIUt4BtsfCBNDTxyf-C4dyS-zi2uD8NH23au02VKMQAgAAAZNSAAAAB2gBB5kDCbF9W7RLrDRxriURPwhygrh8XstrHwI0Kw8eBVa9_eGyNZp6qs6TRAHXuHi9Z-HX1FdO6Uqvg5LhD1Wr7mdTIfdlLMX2DSKywS24mlbIF9TfPV2jq8WSi_aRJkMrqBUV4ifdqmNbgkJQlP2jgqMAm9gJGyrzg2u6TTY1vrutv2MFvAClvaIcPFmSPfZp2wFoA_lRWOoPB0Ly5WFB-Ortau9gYJoF8zb8lUoDhwWe9hLC4eS36XnE_gHPY9X9ZeoxaZe1df5CCBK7dloZmdSq0InUanB22WNKWLXHzO4uMw44TeABg_RB_MfuS4H-3XfyyV-8C9rFGU294S_W4hesqa1ZO35FUu88YZT0A1AGDyKT0sSYeq33oy177NEZMQ0W_DhTDpqz2PFQlhEG80RZzXAx3LQ1JbNLSvodSm4LLP4rtwXd7oKrWewxEmvHG5O4RkFvw8e0tqkq_q_Hx43L8Im-dyhkB77--hp6mHjKCBQZLfxSHmhlHc8ZBB0OZos1lKZpO0s9RtuWfVOy2PMisQHKAyPCdJFtKFhBL8BjLAyyq8ime7Or_ekL_jE-A4Wr6iaB_Lj_DLGIKFdMbqJPNsi00a3dHd8nnl1-AQ0UHBpfFUQe2DwBjxr5Xr0W3MsnECvw0s9mjFTG7hGKB-VHAcQSTdpc5TSKWDA4Ko0jZdjuXUKY-CDRSAVhyRzrSeNhKg0IiJtTacE19uW19-HRCtqWn5X_xp2lpVQz95qBcJQoKn1kb06xfFXb7Dj1yg3Hns5cNyUVRewFbW4gFgbPl5j0mpHlu9NdVelXtc1kV6vfTqGKzkOlgFsuDbMVCOz7pa6HNrry5hBO_1tJsgVmPeCGgvWnpxwJBfmHTcFGG4kVeT6TDjzELyVLcnaapzu4lsf4povxwxDHUcqAOOxawuy1a3YQKZ8bMUuEElxM0IB5VLX-MbgvEUKHWdqnTIYaFWjbNewn2hwnO1qZ4V1M7E5asgjvrMZ3RPqkOpeYpldt-CRnBwhx0ZTTRnWdTdOB4Gt5SL4g-F5UKg

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EA6 0
56 B 276ms
275ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDGH2YoX3ZJ6-CY-gjuwPucCk6AoAAAAAOAHgBAI&bg=!KCulK2TNAAYHwnCgJ8I7ADQBe5WfOCQ2Xul0lRJhNj7ySJzl2zUuL6LKnUUuYcOZv_k_jN7DA3c35kTe2mWVmhkpSsHaAgAAAbFSAAAABmgBBwoANJZJRiyFwZtyzGXNnoAIb8PEBZVSWlVzbnLCDLGljJZuC8BN4rGvlSQpgXc7IJiBUcZjcHaZAxH6RuNlKPLpm96S6HCyniFWW7fP47lZ4SgkT1kxxdXh3GtV_CfHkElfNWZsGX3A6c_8z9-liik6NDnKylcEnw7W-bdj4tY-wruEMTjWBqtzocxPg3olEwCCTq5OGqTyHA0KQL6mfgck0nL3l2AfjUF_D-9hFzal4NvRNAK_W2xmPFApVlckrkgV_CBOh6Kk1PD5bxh-8K6Z7PfWHUbxH17VdIy9MnnCM8wUUKawj343NCdIOqBzZQVCZK2MgIVBD4n-ioXo1_AMBGyCkB7Ah9sqqxsX0DzaauN5pkxyLn5mYXFUIYd9Y3EXgkiE3yDEBmS9y_D1OYcCR3kAu6ED-5OHDxGLsIcxOHMRAfj3O_G1dYL_BV_sszWiZkwnuWYb9LXYGjhjHymG1hhkPCo46g6FdccXWQCjhGQyAD4IF0GvBth9HN-uO4Z4jaPJK7twdmP1jt_lvcBIPusG8hx2h_cLUukzBM0duVLQkoN9a01dEg4RHnCAe1e1LbqvYATQlBOHtqkK7YAaEeem79XxLQLqeQ_oYXDf7scNJ9xZNcYi47E281oXGjLXZNM4P2HRMyYYKEsUguxG0sgZZqhkqSgFsMWVKSZcvUPDX8l6ObbtuOhU6jymMfSEFY1pBeS4Z9aLMyPxARXv1Gkbw-mjuGpos0iyZqqa626KRDXCtU5Saeyv7zBzw9hdgrEPXIivZb-guYJXzkeQM90v65wrlp2UgI1SAmWxE6rpAmZMbo6UCYDoVF_BeLKQMNrL6UxzXHTnVx6aBJQX2DMYjVBhvxGp-c99M_JdQS0tX5lwramyV_D6a5OM5ip0inRYaXE6H9ivEIAqCeZw9Uf3KpvcTgIzLdg7C0awuVFaLQParx6ZTtfiCdQsrycIX8szCQWqwxMWiUUOpjZI6Lfq_9Tlf48VE0RQrDkc057_hcRIwFxu11Q5QQMxTvI7nrzVKYs0hGn_tmQM5fY_qg-yZ7NdN2Ol_Xem1J-EEH-oqRw1y2JCFsWnL6_ZlwFH77f63ADFAMK4SxpgzWXU6DTY2Bl2GNL-jA

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame DEAA 21 KB
21 KB 618ms
157ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:700|Barlow:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:32:00 GMT
x-content-type-options: nosniff
age: 310420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:32:00 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame DEAA 21 KB
22 KB 579ms
119ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:700|Barlow:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:53:12 GMT
x-content-type-options: nosniff
age: 399148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:53:12 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 26C4 6 KB
3 KB 670ms
237ms Script
text/javascript 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=750&h=200&c=1693943136563489&js=pmw1&base=te-clr1-98195229-6ebc-4e89-8363-2a970f9ead99&admarker=dynamic

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=&c=1693943136563489&js=pmw0&w=750&h=200&admarker=dynamic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.55.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-55-26.arn54.r.cloudfront.net

Software

nginx /

Resource Hash

0b605a7de6b4973530804d64ef293c47c9c67bf91c27c941d7041e7a652cd9cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: ARN54-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2277
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: i3V2SRg9A3pox47W9DSERx_VvP7lFhl_dbc3FFRjgKUvffOR03E4Mg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 26C4 38 KB
12 KB 700ms
269ms Script
text/javascript 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=750&h=200&c=1693943136563489&js=pmw2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=&c=1693943136563489&js=pmw0&w=750&h=200&admarker=dynamic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.55.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-55-26.arn54.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: ARN54-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 6hwfFln7ueVvC_aVPmolkdAWCCBV3yh87BIgVcrAE9JUe7Rj_UBAog==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 26C4 43 B
1020 B 664ms
234ms Image
image/gif 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=750&h=200&c=5005

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.55.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-55-26.arn54.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: NtcCovC3wIWlJ3roc9hFXVYA7mIu79pf7nhLNJlbPPTbcfDrdQZa7g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DF5 17 KB
6 KB 127ms
126ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 19:45:40 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C4 0
56 B 155ms
154ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7727210921177&version=m202307240101&ct=119&x=1&cor=2240196352323438800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1FC 0
57 B 159ms
158ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4531697479974&version=m202307240101&ct=119&x=1&cor=11816228503121572000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B82 38 KB
15 KB 52ms
52ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 107ms
107ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

38e1a4a9684029be24072dbda61dfebaa51da406b32d049df61f933a09781120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0

GET
H2 200 5b45367b166ec8791e86c5f7d18157e6.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 18 KB
19 KB 50ms
50ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/5b45367b166ec8791e86c5f7d18157e6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

af5f139c847d9c7c7635a6c1d177a52c66431a13aeccb4b45ad7120b1668bdd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:13:22 GMT
x-content-type-options: nosniff
age: 102738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Sep 2024 15:13:22 GMT

GET
H2 200 df8066e891cad15d471d1cbee68ebd37.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 18 KB
18 KB 54ms
54ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/df8066e891cad15d471d1cbee68ebd37.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

7185d9a8b40e31928fe49d1662a786d7bd33fb9bca01f89dfc1bff04dfebc66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:04:18 GMT
x-content-type-options: nosniff
age: 193282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17947
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Sep 2024 14:04:18 GMT

GET
H2 200 0a6adb9daa124e19aa0d33dac4e046e4.jpg
s0.2mdn.net/sadbundle/12495124699423559641/media/ Frame DEAA 15 KB
15 KB 56ms
56ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12495124699423559641/media/0a6adb9daa124e19aa0d33dac4e046e4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

0df06db86a82d7b55463c3b514020d665a28e687223adecce5817a40c1966eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12495124699423559641/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:13:22 GMT
x-content-type-options: nosniff
age: 102738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15606
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:37:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Sep 2024 15:13:22 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0378 0
57 B 156ms
156ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1026485793292&version=m202307240101&ct=76&x=1&cor=958705994936332400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:45:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 19:45:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78DC 13 KB
5 KB 60ms
59ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 29767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 11:29:33 GMT
expires: Wed, 04 Sep 2024 11:29:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 964D 829 B
1 KB 63ms
61ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

032a286498fe30879a9d4bfd86da13283086538beeea8ae9de4a670cd8922354

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gzTxjD6RAqT8u5BwvqypmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-gzTxjD6RAqT8u5BwvqypmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:45:40 GMT
expires: Tue, 05 Sep 2023 19:45:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 get
choices.trustarc.com/ Frame 26C4 287 B
636 B 97ms
97ms Image
image/png 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.55.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-55-26.arn54.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 01 Sep 2023 10:54:55 GMT
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ARN54-C1
age: 377445
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: 4jnTKGa454weMiS68MyknHG6sQ_BIq2x7TU6ywHUPgZJh6-31UyH7A==
expires: Sun, 01 Oct 2023 10:54:55 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 964D 0
0 141ms
141ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=659213895091741&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 78DC 38 KB
15 KB 68ms
68ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H2 200 get
choices.trustarc.com/ Frame FAA3 287 B
637 B 82ms
82ms Image
image/png 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=750&h=200&c=1693943136563489&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.55.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-55-26.arn54.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 01 Sep 2023 10:54:55 GMT
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ARN54-C1
age: 377446
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: SrIz8C-fp4OYxPbrY2kacXQpJgvNAKnd-36TF1jrPIphrZJJx-vyUQ==
expires: Sun, 01 Oct 2023 10:54:55 GMT

GET
H2 200 get
choices.trustarc.com/ Frame FAA3 668 B
1017 B 111ms
110ms Image
image/png 65.9.55.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=de_CH-admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.55.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-55-26.arn54.r.cloudfront.net
Software: nginx /
Resource Hash: f75784fbe15ac27a29c2e95ecbf0521261eb74ebfd448ef1e4d72670dae05e0b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 09:34:04 GMT
via: 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ARN54-C1
age: 123097
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 668
x-amz-cf-id: KEESeVGTEgWg8EfDgWxVP1lHDCg1R6g0FVSeJ1IWD2hbYcympn3pNA==
expires: Wed, 04 Oct 2023 09:34:04 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 78DC 0
40 B 46ms
46ms Image
text/plain 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OwZ2MQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:45:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 154ms
154ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=659213895091741&bg=!1tWl1ZrNAAYHwnCgJ8I7ADQBe5WfONTzlK03gJMASDVql2O-TCtSkzfVWFny3uuxgpdEneuBZ1bA79woXqFRM6q4O_7MAgAAAIxSAAAAJ2gBB5kCtj6KgQunMaOwGCYS0RhnTp1Uf9qk3aRnfeupHeLbAIdAHv_eQQWz7j8czihszIKBdb3ChRibrqIl5wB7BVfxIo3-ZtdLjBFDuFOqUuAubX63wl2chauYqlsSj9LeqYgTfl_G6IzRY7T8qUDiOpcVe7YSjN4yQ-Jrr-pHbxz9K21y12_K0BS1cWmoxtk7xWa9kJw_qD31uPreLpYhiQpkp3SYxFvzfu4KRPV0-6xC_1-HoTZZuS9B-sefhqgoNoxwweXgvc3FLVXv2aTlFedorCPVUntVvNXl1SH1ea4K2J7E-l0aZhnkFAZkxkRUCG_zTa5UXjyASbIrf3i53V0Hiw7Br7qN6yVmMcPhI4caB9LuTcjZFqtZHb4aC4oQl3QsTtvtgHCWWadm3Jg6Y0mH3F1aukIM0wArRBIotB7r4z0mXLMVi-eLcq-xxHkM7JFHiSz62u-4z5p72SJg-FFQqZ0SgrcDjS3jq7UOF9S8MSTZJrYLmMIsVeu2Gf_SXRuRfsXxMpcQTfvW-eLP1eDbKnqZpPMeGdlW-LXzp32nWkcTXlO77T82DiJrFiDDRvzR0bSKr78iEJ4ThOGn9ESKc0x8-2TodACnTOcd6bndM3N_h7ffHSNvdiZVaNHXSb_KUGUPRP1eU03fqOiV-U3S7EM4aQwY29wrQz_B6sua5bY5DDbU_yjwAPahdyzTeNDsKOCDeeQaq7BA84OOYY40F-NFtCNjMSaVyXeNXnWd0tN10YBv4vELuBSC6D94I8difC9ORRF3dmJ0akIp7YGnTKY0njC0qZ8TjkY-KmCXUZnxSWLdBh4oVxQdZgF-HVgLUHHJM-FxgOTiti3EqasE8hmcrgA9gc9KEzolAZiXLVEbMEP9SEMw2WA6WLSTKRgtyWwYaU8Xg7w107AHp-G8aDAHb8B5Vmg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Tue Sep 05 2023 21:46:33 GMT+0200 (Central European Summer Time), path=/
live.demand.supply/	1970-01-21 00:08:23	Name: demandSupplyTi Value: 1eda2ecd-c902-4ab3-baa9-7ae91bb24c33
.demand.supply/	1970-01-20 14:32:24	Name: __cf_bm Value: 0DYLEvlEFiz7SCJRgLxeFWeYyIrp8uim.eTvo8sY.Jk-1693943135-0-AUCrO+ivXYtM16+OqKOeA8YgVNhDnprCEda7iz/YhFvTq7lGGuKTidTC1wFRObKWd7veXwOjqrnp0BGyjj+l/ZM=
.file-upload.in/	1970-01-21 00:08:23	Name: _ga_3T7TKCZCC9 Value: GS1.1.1693943136.1.0.1693943136.0.0.0
.file-upload.in/	1970-01-21 00:08:23	Name: _ga Value: GA1.2.404109456.1693943136
.file-upload.in/	1970-01-20 14:33:49	Name: _gid Value: GA1.2.276564565.1693943137
.file-upload.in/	1970-01-20 14:32:23	Name: _gat_gtag_UA_119779859_1 Value: 1
.file-upload.in/	1970-01-20 14:32:23	Name: lotame_domain_check Value: file-upload.in
.file-upload.in/	1970-01-20 23:53:59	Name: __gads Value: ID=fbf6dc5fdb51bf2e:T=1693943136:RT=1693943136:S=ALNI_MZS6-VkZo0xjJqWuro2iVelMYDzdg
.file-upload.in/	1970-01-20 23:53:59	Name: __gpi Value: UID=00000c9d8adb023f:T=1693943136:RT=1693943136:S=ALNI_MZ2deAcZxyT5N2bLkfUjiu2CbtW8g
.crwdcntrl.net/	1970-01-20 21:01:08	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:01:08	Name: _cc_id Value: 253b216e69ada0681891ffc78e67a417
.file-upload.in/	1970-01-20 21:01:11	Name: _cc_id Value: 253b216e69ada0681891ffc78e67a417
.file-upload.in/	1970-01-20 14:33:49	Name: panoramaId_expiry Value: 1694029537438
.doubleclick.net/	1970-01-21 00:08:23	Name: IDE Value: AHWqTUkNaUqqP5x1gwHFfPqkjZXbi4GFCqCzA6HD-kYm7oi6Y_lxHH_Du7RxADxw
.criteo.com/	1970-01-20 23:53:59	Name: uid Value: fd9742fe-4d9e-41af-a3e2-fc1415cb2614
.file-upload.in/	1970-01-20 23:53:59	Name: cto_bundle Value: e4g2FF9rVlJ4ZTBSaEY4Z0lGWEdvVURpSjZ6TmxHeEFYRjA1Qm1DRjlnZTE5bUN0dyUyRm9MNkFYTGF1Q1A3Tm90dkV2M2dKMVd5VTYwR0NPNVR1Q21Hem8lMkY0Rlowb1ZKQTFOWmhLbWxOUkRUUjBCMFBEMU5OT0M1cmswMXglMkZkTEw0azdhanJpWmVkMG4zTXdnT1JXM1V1WmZQSHclM0QlM0Q
.casalemedia.com/	1970-01-20 16:41:59	Name: CMPS Value: 5215
.casalemedia.com/	1970-01-20 16:41:59	Name: CMPRO Value: 5215
.casalemedia.com/	1970-01-20 23:17:59	Name: CMID Value: ZPeFYgM7Lsf-3eaYCH0fOgAA
.uuidksinc.net/	1970-01-20 23:17:59	Name: jcsuuid Value: JNLKQ1sV9kkVvZWuOY9a
.onetag-sys.com/	1970-01-21 00:02:09	Name: OTP Value: _NN0CbB4CzEANVw16C6dxHV8qVmm4cWgVdO-xw5Dep0
fksnk.com/	1970-01-20 14:42:27	Name: AWSALBCORS Value: sJCmp8jf0jRGrZJgWjuTCF7ouYFtpBfbzw9lyLxlzX0nn6r76uu36fimXwrFtte7qJ0Iv/vnfzIyeAY9iTQ/8UXpdIeGnk97cyZ3yhj+P2URMIBlmjVYMRJjZBXZ
.fksnk.com/	1970-01-20 16:41:59	Name: f_001 Value: 0F1AD9846C1D6DD6
.fksnk.com/	1970-01-20 14:33:49	Name: g_001 Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
deprecation	warning	URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=750&h=200&c=1693943136563489&js=pmw2(Line 248) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

45505d7633b0be7ff7c5ecaa7426db5e.safeframe.googlesyndication.com
ajax.googleapis.com
analytics.pangle-ads.com
bcp.crwdcntrl.net
beacon.sojern.com
cc.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
connect.facebook.net
dis.criteo.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
im.bluevoox.com
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
onetag-sys.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
www.file-upload.org
104.16.133.22
104.16.85.20
104.21.51.85
107.178.244.119
142.250.184.225
142.250.184.230
142.250.185.130
142.250.185.194
142.250.185.226
142.250.185.228
142.250.185.72
142.250.185.98
142.250.186.168
142.250.186.65
142.250.186.67
151.139.128.10
157.240.251.9
162.19.138.118
172.217.16.195
172.217.18.10
172.217.23.98
172.67.38.106
178.250.7.11
178.250.7.13
178.250.7.2
18.66.127.127
18.66.97.9
184.86.251.217
185.80.39.216
185.98.54.153
188.114.97.3
216.239.32.36
216.58.206.42
216.58.206.46
216.58.212.130
3.233.164.63
34.246.113.219
34.96.70.87
51.75.86.98
52.199.143.202
52.45.175.185
52.85.49.9
65.9.55.26
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
032a286498fe30879a9d4bfd86da13283086538beeea8ae9de4a670cd8922354
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b0d54955e49e4063c02e3f34a4905b517c58a614216b2204497c04695b1d9aa
0b4b42076bb7d1716d2080ea328338e0f4eb010564d9716cbe2e0a7fe8de6392
0b605a7de6b4973530804d64ef293c47c9c67bf91c27c941d7041e7a652cd9cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9e509e943fb4cb39fcbb2863c88ccefda5cb06cc7a0216d8e21efd34a5517b
0df06db86a82d7b55463c3b514020d665a28e687223adecce5817a40c1966eb3
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1614612e76aad94fdac3b2610f95cd2b4f924e786a47f71a306681cd27ab2406
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1668bbb6cf3e9493da5e1658df74f8a132f306faebcaaf6ed23f8d0bf937206d
1b0d5c7c580159888574dc455c537588a838751dd155cd164b884d6521341d13
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
216af33db51fa31fc6844f74b902d99a82889b8135fa152802dadfcdb85a4abe
251c00d679c778c7d4d9dd099112c5e5d06f6eb809b464bb15f57489c1ad085e
25348a5ee2ab7addc445a695634fee0b8e2ee566d3aa8485ca9cbb593f4b0eeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
29d35eb994f5a9d7b9957353a67cf84d0fb29720b495458efc32d705a484a1ed
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
30bf44ce56bb42d0e100bdb5531f4bc2eaa537b154087d8f113e89395795efdf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
35a28e1bc01d96526e9b7700ca270e107a5cf9701cc1e3d13f180e7a279d3c15
38e1a4a9684029be24072dbda61dfebaa51da406b32d049df61f933a09781120
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bc4c8ca1d6bf7bd4aa3bdb02de41b8c3ef0ff58e1dad65ceeb267cafd2ccc47
3c35b11b926ec4313726d0b50ae1f02b2353438fa848e117dc369484e87db457
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564ee8f070c8bbdac37d24c3da234d443f0dcc5e6dfbc3709b2046fc71c9ba3f
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5be1e160981cc80e35524ee00b2cba56a5ea03b30e26c0f7f22f9a7cf62ef972
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eb20efe30d972b439f91320bec21fefa719133df892bd182da292b18751506b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
671300a57423552c88117f1a28159cf7bbe590a9842d78c3f9eccf5f3ddf8b65
6b363e382198fc67607289876c7aa717e0d7a8e018abd5437e45238a56151c4c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f3aa0c6c05eab5f8e6c2c365a0a33ebd42b12f67e5e9c6b4e3875ff0167c442
71020c356316ebf4de71d33459c622cfcde84938e834d9c9a794139681234202
7185d9a8b40e31928fe49d1662a786d7bd33fb9bca01f89dfc1bff04dfebc66b
7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a
71ff781a6ff75e1bbe267112e5169b70e8dc1c874ff6d81f0f0f395233027d86
7405f28e16005797580663b5fa22bae4bfa88be920c39e18020ad1e83fbe9efe
7551a231a7fea17d4013a2664e4cd7227b67b47d265c2a179fbb0150d264d286
761972dada028edd530d252ca1605556c7835eaa20bf691705e30f6c1ed1a3dd
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
77808a97023f769c83160ecd1e585de87f32c152c9d3dda89307ec7a11531abb
7aac2629fed332dd5892213abe135a7d3f8c66bfef3f8c62f5a03c2d83d31904
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88ba1044662a909bdc9ad0de908ad0c242d0fbd87e8228ad4a70574375d2b97d
8b8c3987c80f48412939bd25f4379f31ef7c914b1d7d45d918bb6da4df018227
8cbd57976b302987c53e46e63692739122ffb921401dbf2f7820773808d4c0a8
9061539a0e09e75d64460f7c8ed905e446558752789c45bf19e365106c354597
98b27de30387307b506599f10749d0878781aa011b92be7ac78a50660f18fc75
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bef46f75f10da65be6e193f3eda991beddc861b16b1a7c991a1cfdcde3afb5e
9ed3114fda636a5486cb8eff6148a0fa53ed1140c0f7ebe523757b507a33678d
a265789ef1ec12988698e63db64ff9d12ba4eed6194f7ce3e148c8d55d47341c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a638d2453451eb4da25e3b966e967172a529e2885c5c0c1cd6273795deafcd8f
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
af5f139c847d9c7c7635a6c1d177a52c66431a13aeccb4b45ad7120b1668bdd3
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0bd087e398f987fa8622519fa462b00f566caea8cc91f8bc45e366743b02617
b0e6c49f049e369bc42b758e2fe38cde2cf2dd3e53c285b2f7cc1f19568f355b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba3abef08ee0039372174c3d4c0d42744f4a7fad74558c9b69f29aa921bdcaf9
bd06651c04b630b7027b309f104577a6d8567a1f431499e14939b1acef65ad82
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0e81575e16e99fc2f17fa33e591945d711d436098c696670fb99d347a6202c0
c2798da552ae859878af181355f18726e43e2192759b5c9001ab7181328a8328
c6a6d47a41718d63c6bdf2acd3e10a14f60e79f6596f309e1dfda30387072d0d
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c76bf72752334db75f153221a6cf4bf22fe14c2c8c610ce37e792dc94d2fdd4d
c7d921ee1b37cca1a5d90988580871380701061f473e5fa26dbcaee18551f604
c9d0d443cb6d38e6ab834ad35240b2d9f19b3a3523c5eeba9d7399e8686c185f
d2de6618f4495e59a8fad069c2714e335eab5ae7ce1286d38da92c54f60801ee
d98831875cc43dd3c92e17cec63f8f366ef630751fdf7366061572cd53a8dab8
dc8613cfe8aab1196113300e3ceb78b99ec5ca9534a4eb771d8a2827117620d0
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd8cfd3d8153c527c550a60d7204488dd8c608ad7c082511be8c81f33184dcd9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e19ceefaab32dcb61413b77c608bd86817173ca4b3db0e40cd225db78e6d950b
e277d7fd8423fd69dbcd48bde5338fff8d5d7d5bae498a8b87bcfacf7f661353
e2886fa9ad39a19b1f1cfea02e6c590220a75861aaaaa5b932aa8c5172f96c5c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
ec14ef99c3ea51b04f78b88cab2a31b1f27bb6001a6c7c4773d202d9e03418db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2302076e84edabf24a17155c3d0d5e162c07b82d0e1b76f647bba68e4c5d8d
ef25901c17b7c04d07aef375bad9a303b2f9bc941587b2e8cef0581f1c954c97
f0f793aa76529eec89ffc0f70f4c839d4ec53810a3b9728de011b4638568918f
f75784fbe15ac27a29c2e95ecbf0521261eb74ebfd448ef1e4d72670dae05e0b
f86dea02c0b2a7e3cdf955a4b405aa13418017931035c67197557617a42b6274
f8d3bc1fff37d1e9c26b9e523d2cd650fc21713adc5c5c3b7a6cadd4ead3ef5b
f8f8293a3850c93804a33a41b293edbd427c3d104e4e9d4cd27b9a9092a0309b
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.file-upload.in Open in urlscan Pro 104.21.51.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

286 Requests

92 %HTTPS

0 %IPv6

33 Domains

45 Subdomains

39 IPs

8 Countries

3548 kBTransfer

8545 kBSize

26 Cookies

32 Outgoing links

Page URL History

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file-upload.in Open in urlscan Pro
104.21.51.85 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

92 %
HTTPS

0 %
IPv6

33
Domains

45
Subdomains

39
IPs

8
Countries

3548 kB
Transfer

8545 kB
Size

26
Cookies

286 HTTP transactions
9 data transactions