mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/0z5hcow6htdc
Effective URL:
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Submission: On May 27 via manual (May 27th 2022, 9:47:27 pm UTC) from US — Scanned from IS

Summary HTTP 241 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 26 domains to perform 241 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mobilesafe.shop.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2022. Valid for: a year.

This is the only time mobilesafe.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.224.194.94 13.224.194.94	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
8	172.67.218.221 172.67.218.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.224.198.65 13.224.198.65	16509 (AMAZON-02) (AMAZON-02)
8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
2	142.250.181.237 142.250.181.237	15169 (GOOGLE) (GOOGLE)
2	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	13.224.198.13 13.224.198.13	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
4	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
24	104.16.133.22 104.16.133.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
35	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
9	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
24	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
15 20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
15 25	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
13 18	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
5	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
241	33

22 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.194.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-94.fra2.r.cloudfront.net

d26adrx9c3n0mq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

elementalantecedent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.218.221 (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.224.198.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-65.fra2.r.cloudfront.net

denknowled.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

dinterperson.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.237 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

file-upload.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mobilesafe.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.198.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-13.fra2.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.16.133.22 (None, )

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 23.35.236.247 (Frankfurt am Main, Germany) 15 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.33.221.87 (Amsterdam, Netherlands) 13 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

t.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	412 KB
48	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	364 KB
25	casalemedia.com 15 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518	22 KB
24	demand.supply live.demand.supply — Cisco Umbrella Rank: 31898	37 KB
22	file-upload.com www.file-upload.com — Cisco Umbrella Rank: 556615	554 KB
18	adnxs.com 13 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	17 KB
10	denknowled.xyz denknowled.xyz	12 KB
9	google.com accounts.google.com — Cisco Umbrella Rank: 78 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	dinterperson.xyz dinterperson.xyz — Cisco Umbrella Rank: 22082	3 KB
8	freychang.fun freychang.fun — Cisco Umbrella Rank: 24503	403 KB
7	cloudfront.net d26adrx9c3n0mq.cloudfront.net	210 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	163 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	209 KB
4	6sc.co t.6sc.co — Cisco Umbrella Rank: 7749	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	170 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286 www.google-analytics.com — Cisco Umbrella Rank: 35	54 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1452 id5-sync.com — Cisco Umbrella Rank: 600	12 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 8253 certify.alexametrics.com Failed	4 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 11613	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
1	mobilesafe.shop mobilesafe.shop	6 KB
1	file-upload.site file-upload.site	12 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	elementalantecedent.com elementalantecedent.com
0	a2z.com Failed redirect.prod.experiment.routing.cloudfront.aws.a2z.com Failed
241	26

	Domain	Requested by
34	pagead2.googlesyndication.com	live.demand.supply f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com www.file-upload.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
25	dsum-sec.casalemedia.com	15 redirects googleads.g.doubleclick.net
24	tpc.googlesyndication.com	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com www.file-upload.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
24	live.demand.supply	mobilesafe.shop live.demand.supply client
22	www.file-upload.com	www.file-upload.com mobilesafe.shop
20	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net
18	ib.adnxs.com	13 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com www.file-upload.com
10	denknowled.xyz	d26adrx9c3n0mq.cloudfront.net
9	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
8	dinterperson.xyz	www.file-upload.com d26adrx9c3n0mq.cloudfront.net
8	freychang.fun	d26adrx9c3n0mq.cloudfront.net
7	d26adrx9c3n0mq.cloudfront.net	www.file-upload.com denknowled.xyz
6	www.google.com	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com www.file-upload.com tpc.googlesyndication.com
6	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	s0.2mdn.net	googleads.g.doubleclick.net f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
5	www.googletagservices.com	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com www.file-upload.com
4	t.6sc.co	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
4	connect.facebook.net	www.file-upload.com connect.facebook.net mobilesafe.shop
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ssl.google-analytics.com	www.file-upload.com mobilesafe.shop
2	certify-js.alexametrics.com	www.file-upload.com mobilesafe.shop
2	accounts.google.com	www.file-upload.com
2	images.dmca.com	www.file-upload.com mobilesafe.shop
1	id5-sync.com	cdn.id5-sync.com
1	fonts.googleapis.com	f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	mobilesafe.shop
1	mobilesafe.shop	www.file-upload.com
1	file-upload.site	www.file-upload.com
1	www.facebook.com	www.file-upload.com
1	elementalantecedent.com	www.file-upload.com
0	redirect.prod.experiment.routing.cloudfront.aws.a2z.com Failed
0	certify.alexametrics.com Failed
241	36

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
elementalantecedent.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
denknowled.xyz Amazon	`2022-05-25` - `2023-06-24`	a year	crt.sh
*.dinterperson.xyz E1	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-06` - `2022-06-04`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
file-upload.site Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
mobilesafe.shop Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-04`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Frame ID: 7DBC015471C7DE72FB96835383F76048
Requests: 113 HTTP requests in this frame

Frame: https://denknowled.xyz/NlBKaURXMikEe1dtKE8xRDx3THZwdXgvIARmKw02TmkpWioGPTtHJ1o/Pw0iRD8kHWpYNT5MdnAgGwIobwcdWSx8OhNMdnAFIDAjZhcYPyFYFjgwAmA7AxA3BBEwI3R1Bw9QD2JoOCACUScBLREAByMsfFA5ejEOWAIlDzNzOgATfV0DMwoqeWIYCh51N3ImdXRiKBAzRhEjBXR6FB8xCWUZfyYjc2QAB3BFFAJRL3gpBywIXwV/DwIOFSwhHkYDAitxVRN+LAh1YHklLAM+L1sjBRcdDXNXFyINJn48cwgtDz4vWyNDEgkRYQQWKCE8UxENETVXAhxZIm59DFEcBRklIgddEgATcA8fPTA2Zgh7Gw8FNHwLd1I1Li48RzEfPDR/Az1ZBWE0fS53TjYpABFOHS0BKlNiLUx2dBMJLC14YwggJ347fSQWDiQALXUOCD07PG8ILg0mfmE4MBJkIywENA4IeSByeQRyJAl1EnMIPUJjLwR9BQgkOzJ6BxgKYlwjJQc0CwFyOS9AIzNcNlc9KV4nQw
Frame ID: ED1A1B002378E555E61D8F317DD80217
Requests: 2 HTTP requests in this frame

Frame: https://denknowled.xyz/aXZ3bDYIFBQBCQhLFUpDGxpKSQQvU0UqUltAFghEEU8UX1hZGwZCVQUZAghQGxkZGBgHEwNJBC9GJStCHSUvD1grNzoaZS03NC9uOyYRKnwIEEcqXygkQwFxPSQgJncsHRMuBiY0Dj1TPB4UHmM9NyUvbjs+LgtVJDwPLgM9JxACcCEaFj9PDiI9AGwzFAAhBis3LVx3EBElJF8gIT0bVTE8GylOKho2B3EtQjQtZTwhLjpdGxAxAAY9Gk5ZbhM7NC1PWS86FF4gE0cPRyFGH1tkWiAVPQUFJRMVWiATRw9MKBE5SQQvJ0UqbyVEDypSKzgVCmBcHiA6G1kZNRZnITUzWGUjETYpZj88RSBgAUAmK0YwIUUUcA0zOit/ODsHLgYBQTkrcDMuJDlTJQFCJVNZFR0oUV0fMCsHJi5EB2MlNBwvfCs8HztlHQ4jAUYLJ0Rdcw8wPShQAiAfO2BZQDEFfyI+Di5lDR9GNVMCNAY7cB0ANgJaCFAdH1kHBkolfjpGAQ94OixOFlQ
Frame ID: C66618CF26829E22580166B68692DD1F
Requests: 2 HTTP requests in this frame

Frame: https://denknowled.xyz/UEFMWXIxIy80TTF8Ln8HIi1xfEAWZH4fFmJ3LT0AKHgvahxgLD13ETwuOT0UIi4iLVw+JDh8QBYbFiM4JyILCDcIE3gOJSgPLh83YSUaCDATExo9MAcAAT8xOCIcFBoZCwEOHTIINjoKATsoDjcScBsNJxICD2g/NQd9NTAGOXgNJQYYGRwgAQYbPigHAw4IOwcUfBwxEnAOHgoVCQ9pFTYXJBw1FDl8Pzo3dCkRMBYDGgEgFhkgCzERBA4ANyd0Lx8waBUKGxYTEA02JhZxBhgkBiIvCDQGGQYLFhMQDhQ9CAQWHCMGEzsPJxoUBC4gFRYZHyQRKWEcMxYAOAEwKBQLHTQjBBoPKzgDfBc6Ay0dHCQFCxkNQzsYDhgZHAd8EAgBFxkaOhIqHBgaNAIdGD8TFB4qFAQUBRgjEgwBHyRgJQoMNAYlCTE4Ay0vOiAVDy8BGigJHTI0BgArFCARJhYYNQYXGxAjNAUeaQIFAwoANAcXFX8YIy4iKU8SIyEPKjsSHw8DFw
Frame ID: D6D383EF1BD55E43C019A3D1C93FAB90
Requests: 2 HTTP requests in this frame

Frame: https://denknowled.xyz/RlJLNkwnMChbcydvKRA5ND52E34Ad3lwKHRkKlI+PmsoBSJ2PzoYLyo9PlIqND0lQmIoNz8TfgAoL111JwYdURoPFhpEFjEbJmYiBDUfBSA0Ngx0HQwBIF8CIQgyciQxBwRBfTAaIgYaATgoAiohG3pmIgQ9HnUBcRsxDwAnBnNcA3YmbgQOIBE8DgoOGD5XNXYKKFwvLxsjDiYIOzMPHgc+PW9+LgYtYTwqHjMOJBY7AkAOESIkUBgfESpbJH8zHmwkJz8jRAIBIiRQH340AmE0czQeYwIgYXJZCCg+PmwEdxctTD9/GQlZPQoBLAAEFQs+VwspJS5bYSpkL10aczR4DyMeOxpPAxIHKlchIR0tYx5jYA14JRcoDgQ8KTQfDhgKFg5fLxAcclclciUJdQ11GQMHCQUFAQYoLQgjVCJzNR8ECjI0eAcJICsgRRwuMXJ7fi4jBn48NjclbAojCjwCFhMxbVw/KTw7CxgXHgZ0eRUnKGMhMw
Frame ID: 85031EB59712FD156C4997C22A559BF3
Requests: 2 HTTP requests in this frame

Frame: https://denknowled.xyz/TkJkWmgvIAc3Vy9/BnwdPC5Zf1oIZ1YcDHx0BT4aNnsHaQZ+LxV0CyItET4OPC0KLkYgJxB/WggJNQwEGBFVEwEAKBcuChoXExcwFDMBDS4jIQkuBgM7PTE4CgQPHhA5GC0ZUA0nCQMxAwopf1oICScMAxQVVH9aDAsgOREqLDUxJjQYVgNaLXYpCQQ4JjxiAAE4VCsyDQMIFAEfZ1YcOA0XVxAwdiUvN1A9DA1iAR4rVG4LBikxPiAqLgY3KjYhNxMBHgExaCEkKlc5WiV1NGkMNCMzCF8oCiJiMikuVzlaJSstMBB9IDwYXAsFNigyGgwPPjAMNQENISkJN3c9IAweA1AAOyVtJhY6Ch4/KjsGNBx6GCMIGhQVKW8jHXJQEFsqOCM0KnsbDWofHitRaQt8KR0WAgszKjQQOxssH14eFg9jJAo6Ez86HHc9Ehx5JCwMGSwaLmIMIzYTPz8HOyseJT8LJzJQFDVVNAsjd1M/LxwsKB0AeGQOKQcgMlkAPwUjEg1ZehsN
Frame ID: A0E26ABD2F9F9475A662F3CCAA4ECA10
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: 002DB2CDED7BF8B049355F5F5CAC71D1
Requests: 1 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21D1FA46EA7241CE8C4E58AC6F9F9ED9
Requests: 1 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D3F0AEDC3C34FD824DA5934BE9D26C6C
Requests: 3 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 372C1E62971E51EE2CFB84F6333EFB20
Requests: 1 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85F1A40A2F60E6F478590EACCF458277
Requests: 1 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 09E948057A2AE064307715CBC2082613
Requests: 16 HTTP requests in this frame

Frame: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8828B7F6924983E8F15AAE2DB9E118BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNXnZroBY-EXejThXWFzRRMrJuYu2p86Rd35VOeIdo-Qlpuja7jc9rVEisOUPADnY480tFnp7UhCpO6MPD1d2Hwwc-aP0fLVKinWFn-ToowPduJmh3UCtffHwuRBKTvLrohQJJBdNgKfGO1IX0ENB-zuDeNVNWpw-d_LRbWDch6gj23oZX61ebmRVALnORamc9k7bnvjR35UBqKc8DdcCRTgELE2sA
Frame ID: 75B9233533AACAC9D4A137E82ACB73D6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXrOdASrjmV-VfOMXwkq6UYTLzBu9LFleBAc99ewTiolYvq_D-IYfiXX7pECtsa0Tub_4SxANsf9jyBVdF-WaTyjjDkozF2kj9pz7mGmxE4HRKxuU1rRwmRvMaTBKk-j4ZIUCnF2nTWrzA9WB9ADN8zWJ2CVO5f60wf78Vb9zoAI5MOzgJe0wZFG4D7nnD02pu4Z0QJqHxNhcZjwtJbZu2uMlf_gg
Frame ID: 51C76A2D444173FC5B54E187F32A5B90
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz3iJ_tsQLMxEk3K-lRnKB1RZFe0NGrwNvG6v1ffP5QOp6yAiAYi23VDrbVdfG96PCD7ixrexl6CBl8f2OZzAkxziKZA&cry=1&dbm_d=AKAmf-DdPCBuZOahyRTNVbcEbxCJZbOv_CWMPxuJtQ7wJZpIMxR6kUS2GS4FgtxZJDGbPITP8fTFQzPmAjVsbNmAA47k26pLqgHWWJpzudo5FcIrbefikDkBKIctjjFD1Xt_1-YjNVRQGR_r4tbqG1mo7q-YpseIZOIBlFawXyUy6Ck-UUgeo4dfw1lX_p_Wl3zpxeZN5gHMKsQYb_B6u6zNESDfhy8cYkfF6-ubxBKxlqe8cR7edpQ4wGSpkYgmTK2AZYVxW_PxcZZ19kMuimvdC33MqPKe42xdAg2BkUlrsSpWHVJQx1JZ-t5OGswPPsY5dCIwoe3L3gt8u67BLvbymcyUsExUr07ol-40OhgTkVlPBOsLGsanHq9IJ3Vjyw9dX4uvf7yXEgqnebYbiw4jczKTp42xOyoq5Qy01M0U3iF4rkUsYDzL4SuoFcYKN8CVi_hxq9bmnTOWEuhWk_CdFppw6NH7TXzB4wa-xktGwxjJVIXZKynZZtQLypheiDhBzGAjPSrlpx_4LzykrPNTmmBtow_kCWSo8Jaa5B9h1aMOUOtdf7t1uO4Cyl3Om7jFwybqYZ0VVZY24s0E8oTdG23bnvmbFH0RXJ1fqTccGKUVh4oQjDXbgMuRNSH6ZRnhGCSxEo9apQiNqQXVR2qlYDJJLmHnqGfNwh06AAGLa27AUqZCU-NvZNfJatJ31n8C_laZSGSWG1wUv5BHJCEI3yb1vFK-a4HRRp4W4A22wepqYxd9rOsUe6beFEuQCar2cyS7w1ARiDAoZYY_0qKAk9C7NZM1JrpWh4QJVJdpp5Vjg7YRY_xb_AwL9ouiue5YONtEOKXGl4nxj3rIkB2OZ5ja46qNaN2mz2Vn-luVy3qZG3lXJesDsfbJ523CpO4FSwZFS9wAzm3nPCdDe_44RJh19wTa0p7XD_fVBgCkg9-PPUMeyutL51H1IHdORVN9_LnEnJz-crfJshTRFsvUM3Q7xABfSEfBA-cEJWlZvLP-hFOrnkKe5KLXdGQZayXTdZO4EQARKhgLn_C89q1ZN76RZuQBLc9rKlxQ3DCy3-MhgJuMAiqGT_19Zre9nfAlNAmBPan9Z6v8CWYqmhu4yXpkiCNeUl3hXPLJtIDcGVDCUbB5WztIssSRtNpv4bEjSSOVhCusKr6T46y592e026-qlzk5FWc9xz7ZJKoVyLCh_xL7K0v2lWydEybddG5H6KH9c0TpSxeXzQoCFTfz-wDPZzLu6jFeWrQce5zoBLztKhFiG5WXsi7IGK5N5kVD0cL1_RZU24CoksArxKkGzDTKzkdYKi3ABWPBl7wNRcYpF7NluSADx9H9FabfHFtGz2GywsIfYRNGQFYRrE8OUCoS73Hi2uOgPu827nOsR114YPvCvt9_kBkoEzCtXbgdgUrUaZEUPMcdQ4Hat-Z649pP3Efb28ErNIprRGBcvcx8lVcL4XDKENJJcIHvsTaUCoNybTYzpq_zDfB4TKqUC8vJyES15s1Zu5Chj6f1UMCmlc0IOrTKuVDqOWidvqN84YWA3uuBJt0sUq5doqEJmIcaVKeX7Fj0SJSPR5YVIA-0yu4ILwnzXQi3xfV_EmkNKs8zG4JIAa-Iqbqrj_sTMWuqzxKzW2GHUEOJgGtwmF2r6ol4vTH-BEVrCZ9CKzeT_ieSSPR2aFOn5E9-V5wUWZT2EhrEBQordQcTVuv1Gx40OieQVBzq87Tcriyb_x-dIa04LjZPvQp-dmD3xTKpMvVNTk2m1U46Vfafwv3nqZMOheOTD14Q5EtOL326genZH94zNtcPqeugWZoVWdvm44HgGGylDp9Ms8FF42_x30UpiF8IbBCKo8z8OeC7Lao55pWOLbuxFAq4uoNBdhLssPppd3vS6pakfTVz7yUJvLu3O4AayGx7TLDRRpwlYVx3ViNY1Our_2e2yzZSNnNWtZhLZRLuDTaRRXB0MUJeQdhK75L6K-xIlwN9hIuiJ0yGu-AtEmcNFnkoK6PdxNewmerOsDAiTs_9e14Svvknt2hzXTkjri9FLMDqta7pqg1y8oWqhzst36YfWvtycBjUgXzCqWHrjtxYR4A8Z7htYEE53_xtK_AHe-FhEe9ZEMRhhwlh5DwMGGbei8CArNO7SjYOJ2gYn1EcxjhlOVNYV06p6IjVXKOX3_Nt7p0GVzmAFNKh9OmvV7FH_3P1OhqjO-I1WrDB3EaER8GAf7Nivc2FeI_JeK-Vbzm1DwVS9H0cYzkU10wLyEWtC7Vlu8T_6aYhfYTwI3SP_g9XNLizq5CWu09EBsG6NN7RxMDcyAqNHPRMC1ZS92eLhSS7hfrgBqBz3-WdZxkZdovagRSA6xESSybC9IuK_GCXgOpi7z4KSqe3rGILFB9dmON0xxszImj2ioUJcqzqK-6HTv41z-Yb14riCJlZa1N_6A22JsBMrKrZbO0mhCv3enIWYXrhtbi1VLgRp6x2VnhjbtDBZLBaSMXMMfS08VxQ92wouv86MAnFgkvRikiG3bZbE_fduzQSkn2ekTKI_vzbVc8jPvS7EHHtAIgbGxPGovpdQWUF8mVGKikdnLN3Qbq3k_Nu0m2U6R78vjaFhZIRuxuTf22JV9-icAMUaMrjzlh1lQFZxghqs0S1FLuUFvPvo1TbHl7FL895-DMaw1OT8MeQj4dgYISFMQyNYcq5v8wSfzk4Via0CXbDleiwVQyhY1qpWW4dZlnTqQRIctwmqS5b9gvdKnsmzokAMh5hF5zgrJXsPCgH_TzhSooRQcKfOXfgEiNMHf4v4RNHieNGYpGgNfyufhyjRGn7U-3gxk0DXdftzCl4Op24jwzta7l79U1zaSAA_3Ib0LrU8oN-hY9-UbJwe28VbhC5fNLO__75_aW5JS3-3L098TGiKHzx9SR1Xm-uSVstigge5ErngGcNRUVRY4f1atMEu61qCwQDckC8RSRkblN_orXuQy6kfamc1xdBH58eew&cid=CAASKORoJrshABNBL4OqC1vFz1v3g-kTOr8ShLg7WPPEZ6tOX_EXxMIkuus&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240
Frame ID: DF1706CBBF0A8E683C690D13FD6969B6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXUVwWm6zFtBZU7Nfhla0U3RxGmNnFp2Q29yqdqbgP9vmDZiBR2t2JkcBWQs7ko6eEAD6Su_hUsIP6as4zNKszOyLfTKRr7_4OIsBF_qk4DpeVmmbK-4FdlJ6BySzFAIH-MK-l7OSMAflK0oyKBB5URx2cA7Uj6nFjrzDMTxJmS8w-K5Uc9KyuJ8XmUz_7EmZsx2uPaNZ514g57kIljIC6OAIlIRA
Frame ID: 6C1FE6E2C3853917C1908CAEB57D5009
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXeAje8uJ48siQEFANBI40UALysh2muyYfHF6KKAp6pRFFLJ11r6s-uhRCaFw6RChnb7DO4-NugEvOhO5Ye_xnyCPGCg&cry=1&dbm_d=AKAmf-Aw8cS53RMCKj8Ti284v-Ery7O0TJMQVfa_Su_c5Tnm9K_qLmhxluL_dGAkUWi4qRrnnrOgCNhWh1EnVOv2-GFpiqgkuwfk52dgfLNupduv-UNpYfUm1fFF4Zz1EqFV7nyS5HwKcq4OLPSLqKaQdfQnbnTZ2ugCreidB9kruH9RH25Uh3miWBEp55uQbLUQtdmWo-rdgiwTU-_QUSJf3iIoMYA98NW2k390PspxhW9Mu4WqyiAavX9EnssbPsomwgBBN7sna34aZvHJKan-MG5OT4-PiI2cClAXdYLwXPHiI6AYkuJiTJ1GkamIHOxmCYDclI4d5Ud4xv5qdI-UAgBKU-0_S0Q3bydBH4ZVsaPwSQ00RUyqRbFd6FLeVu-2GYJUo9qvRTnv7unGFQsjUxlDCdDCxEvTm0delNpDbPdrLDJDLKhSfF6stEgRB04UHwgVbukUsMyi4gNxPUIzydmCnFjrfMqIyJ5H4vKcqimUhhJ0N9djy137kwB3gAsfDzRFV5pH2oLxyuqgZMUk1jtqya1558S9NJ6jlzPdVK8sj9GqQYygoaTrfek8K3t5SDptuR9fjDvhq0VhwJdTKbyamgEs-I7PbsXaM5UPymagj29PKdZz8smR6sXcNaNP_yBhdhGIpAVhY1CgE2fL1lnwMYkTSqhiGmJiwukvhJ1i6zXcXBVFwYbuYj7VB8khSqgbG0J2dufZoqQypp9zAVONnzjcPCOzoKyYTVmGezW8BUrvQ2ly20cj5b9Jq5PMeNYYVJ_wzFdGTBC1rRyxFQIzwQfijtArU7-c0z05usl_4Y6ubbK8amGW21CrGGEZuS8lmmtCQc_OGNyQhm6xQHf7sAhL8WNVFN9s3cW4aNTpqTTPs86Jlb3f3MaUni_xwKJgBKx9M5bVteejNCw_Ui0KLiNsSDXtqcG8CCa47usYHSq6E4-4zeRKFuluu6_yr3MRJn5uKJ0zaDVBlz4ck6ltBully7Ggp96VLebcWQnytxgetvhCqQfd3KLVzXUWhZSHh5eZ4Lr7SSw9z9nPSjuI8bew5566ueQbObYrzWTqJKed_7X9B81ZPglRrZyZ1j2UNgKBIRkWXKaXibY0e_R0LSyA6952QDVjJ17ymamGCPmh-0-vpG1y8IZW1E3yW6VzdTRETdwySj0mamwoQkBXPvazWXXo-mXgcz0iU2TGedhnun-h4TZsa0Em-B3c0SDOzqX34tdhMiL185pi8kGtaxdQwfqRvYqbCAFeD0RM03Km83Z2MF-0ECqknDe4EHJk8khqGT_MfywCQmx9b6UnH5KYS_kgoRR0k7AAU3mRJAafyDIiafcCW4J050OEPMoEA7Q_rvdN4NBTyK6YLHF_SVq-JIsJcEfrFUUcyJBpXvvmXKbC4QavLi5Wnv7-fZCbavW8RsQGXErPEl52MOzLoOXerBRV806U_bdofwOlXedrYyLc864xjLaTtMnkkDEkkxzsvfwZkF_rNRMaO7vBz5rMXp7sBBzkK7vNNpn3yx0AcnKsXJtEdMyQkiSyrMORTgc_qfgGZnFLdkJhfdpnW5SlZCuPoIJdCWKIed0CUqdlPxIUjod6_Ypaznx4P4RhnEoIjITnOsHVVln7MdD_928HkyR66utbCFdpIEDZLrkOOUXfwyXWwyk3vNQkchAnXCV4PPLAOUfp5RRipfr0TPSU6X1K6wKcC6xw8v1MJ3r9a998x0xoORun4swhSb3eheEXNKemFKb6WRBlBZPGR7_ADaD5bCA80RlvphWWyq11bQkQ2qKv_yylTW3fgyDIUGVrc7vwHZvax2-8J6G9ncVa0dC-Xr3H5AWb0cI8zLSY07DmnEmvI0YKuKECk07iVRf_ryf9b0j5CU90NokPimhk7bA2jWaRET0oNRLvmuRoS4U25Y9wbfOe8lyhEHh5uOCO-BFjZozI9IuSvkBN8_9C1yJQ2QRYXrxwW9J3dkLgqdBi44m0OnB-1o987MKK4-urKspyJGByNcVy-PXohiixn8ylq6NBqV89uCVZLhOaRDRUmaF9tZcqAoO6eGsSE0-ygm9B_Lbm3gHgU1QbNtmuTgboFhynmEbMVr-BNvVwajeOZU-XU1AKJyQAJJyx7sCZMB8IS1chV139BiC5eWBexyInCVYjcFik1ifEAS4SPpDWDwUcvndR5VjahhRsmymrM4mhE3vqsuPKxvzsJoAYbV_Il3czZsw7DuUDWfxNx6obM25yJ6cPAucXDSBLwGp79IVdGaJ5UU4Xh5bj2xWqG14tbvuwEbHnvT2HcDvvS53xrVeQz7Q41ZZxdlbu9JQrBvmeohcLtGQLOEYsYVrJCH41ydmIEZX_Um01HK6vHFjwP62WSV61Ne8cZPeuxMVE1L3E2rjUGScQYYZbXBF_B8aPdm1JZBwhSThITTCSU6LssME-QJZ0nT1NEYNsF_rNE50SSyWGcfTctah-EhffQjuai7_YrMTV-CHn1HN7CJLEMwIGgnNAfNSeEw8_LF1k7RvY-9IupTSSvNM18cYoKr2qo7k_YWMNGIvfvHGpo6ybqiHtEJGUIIoST4R7veOZHGQNYLNmBrMqWNL6-QrfsYiswHzHXi5EwQMrt22A1ZiDLcCU3YIeDUhIpA_6BF6oxfzM5x6aoo5IwCmMND-hGT4LddMCxgT_hKmEIcNFCwvwDYcchwHi7bYAdRrUvSeOjZLLadnGIgPWivFfu9ovAs2upT_-UphRYfzyPofzF-blrVEB0ly9i_gVBKnw8-bwmQzs6gDCbS891YVYr3MW3GzUZmLvvBEiD5UQAitW15OxJw5rf-0VOkl-Rg7esyqilv0FYzWvIAXOLaaEaAG07L-i79iPOKbtwVtYfi66S0jhiQhXYLQAlK1qm9L1pj_3ROsVJcp0oE-_PVyeakB4rje3Wm6hWQL4speSKMMOXzt5GxXL-Br9t-YXgsg1F_rMEk87p0LamHtGapU9i_tDMQrSn4mFVdpadkTfQ-Uw8Lw&cid=CAASKORoKt-ToQEz93N0Jl1ulvbvUV7qTQMto5EpnZ1pQWRAF3X9s0BPSCs&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240
Frame ID: 13A94D99BFE4E51B30E472E9E0471EFE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT2JhC56PjEAhiP0czCATAB&v=APEucNWjzOwim-hrgKYaftjEE2qOVp6uD3qL0tQzDnWm1ydphNzI3cPN0TGKuv4co--r_EEVfxwOWOr572hKzthqI2UnH6NjAmVzBrBP8aYYZZGY3SERjKU-cC1bR-THBnmkOfnm0czekimfwrslRqHICLh83UKNsUK4niAW95pOh9CU4sBebt8MgQcXesNjFb_Sw4_JoVQiSs6jmFoPJmsnqEQOc5BZWQ
Frame ID: 67BBAFDAA68FA1FE1FB99A058E17B742
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAalKrX4fucaNBmlx1MOGuLFXyZ-Wju2reqHgsffYg0UM4NZxcN4GGh8zZiwKrsAik3nMaFCHPuvhfuLU8VJNLJtKQhznBuMQI7lQHwoMBTI7heVq0LKoxvIZH-1vLribkeLqlshMYH8G7sqinblH4bC3K1A&dbm_d=AKAmf-Bn8EMt-VSaZzix9MzdHqPsV76ujt3d7_Awpmnr7WdcK1vW-2Gt-VwQ8O70ZpDD9WX3Tj25_BN8Jz33WO6t7_hyxsRHkOdK3ZK7R6GlC91bB6ho-A-nWZrJ28JjEfBF0ORGz516i_7qtVV3VsNptgRlinou4IbKiBxurx4Qb_FWdNBWa8FyeWyE5ZXA2MQBZ5_ZQ1J2EUNQLXkwmUF5TbmXLBNXdfpcmVJXJ5BETY44m66KBC9rX92J-TqpM3cZA3U6X5S_3m7TQwGIhgOg68Pdp_4CgO9eZcBlBYMADh5LWjGXtXCdpEjr7qHCxmeAPILXi4LT0uc0ea-Gn7E7iJjGbm59Frh6hruN2enRjJ2Q0aNl-9sMe8Zz4RT4qTxtMFKNL5cxTZXC5SA1d5AZT09R2fpD7AiUhOXvsHkl8rmeHu3zftbiMG3Y-Gz7N6BCltrp3EF_F7PW0aR1EI0yBYrOqpM-cgz83sPdWyCO1JssmRPMpXWg8GFRpYqerpOvsXRUtxwB-5NStWtv9vz4-wV2zJ2BUc1LFPvcD8WkyD_KaXjzro_0sWEqGLtQ5FU11T496AL9c88Ty4LqAhwEFpIoDsNJgx4tccGWkIGrXwBHR6QCRxZaR8SiFA9DnzUAp9Ukgx8I7R_j-gPN4nDaQ9M-PGi44tNriBfAP_q55dK-IQNu0t5bRSHgy4dIVQcbzH8fAig4Ewiw4b_IdJEZV1av8lGGOC7S6lXPoUkyGzBDR7H9LqllZgYcEHATja9aU12LxtDgR2xcJYbC8zXBxKq7hVjz1ti3bBXYRXwDB-MywHmudf9ymajXa2TtxYCn7JV-ldg3OKqT9tG3LPCPRgzlpmuDvBZT82GLRcBWzms_WZvXQUy5B7gvYpHcCRbY6VMT4B9f0zT4sfDlvxO2GgA-tAhK5Xlran9doP6Kt6O3zqXKnk3tgcSCPZ-Ox9nchD9UGFvTALbde0RUFU8mYtlFkZA7Rwc1Ij68EbRdS9-ZMydchzdOOtJGtSBaXtjXYoKB21fwm-bdXvXGPFNMAUlLd_ZWTA7VZs63W5k_IVaIZHcG6QS4ANhVIbi5ob8MR3KAPEPe5PICdff-earGBb_oK9zKEivnmo71JjCEN5z6lsyctGxGH4PMZODlFow_MAoy10HYV_lpB3noIzNKh-iZb8B8a3VaJtrKbAAFDloIBcC6sbF8qXHBs_R2rpJysKFO5WfdmNRw4b3hgxAA-FDF5cCp1hrMZmBXGnYCbiZvvu1eQ04oIT03EU55c-O_6u-NwGBYSVE9Aglp60pBkZHo_qMt8nsripqwnfDva6RoqsdRxBHXV14dlcs-9kczhImSLcYfWk3YJ7MPUKus8GDLWIsYADRrerOnlhiOTiXiFGjzj49rsSzyIxYy6kD_AjrfN1TRsaf6HOZ2wD0tXlbSlVfcCZA3fOtEDaFVypwr20HIXt3972UwlInnQ_XUrttpn-kmbn_uai2-FX0UzYqVrEimB1p6v_S2njNbPR89_4i0-lYTatFoyjuarl92EJFmBDI4dpcNAaaW48atgv8s00A_yBuio4Fj3scWQWpa7gb_O42DA5DbQxjIQY3dRTUmj-SVbVlkcqBcSgSJC1gmEetbfZvZk3hH19y_Tf9fSUtJv6z4l0ciJKtJeQ9xLD7Pk3sZmlbBo82OF_qZAXfH-h3ygaRm5URA2ETfK4osDccP_a6KbXHP0RGLdIrdPU28YLX0HXbN5aj-G4J0_0L8SFRcQs72H2Olzkp92J5PDKoRdQda_PI9OQjqrT11vaO8WJr6myvVKyaGJFguOB86wTNWFvt-HUg6tyzIDvc2kRHrI5GLDp5gdbZ77YPpMwMVcMN1clPAeTf8beUppWoatleD7UbzzheyefNTjqTmRI_zbkM1OYkAU5g4XQdBgLA2hz0QKx3dC9GcdDxY6mKzqc5aQF76-WxMW61Va9FkqCWdOd-And9rhxA9Yz_OTDpeSRsjADuMiHg0zQQpKQPZEu-sYNCnlq8qx2reh1YujMJix7RMOeZOt6ZoWI5U4vGGROETmh4j1OWqppRJ26EDW-5jkD8Z2lPkpldZCshXO3tiNWgo1WUk0NqqS3kzaddAlelV0EUFUJbb-Z9O627w_C5CuJM9zNxLEufE4UMDF68tAja2uUbScTk4nVWUiTgF5WrfPBdthu15jXmSXKYhn9Lqkxj59krE-dJWE69RvQQLAxYb0fkpiGlSUNpVd_34A1Gia2QQa9-PWItlEEr4TcaQR_nI7x40RDYkbzXsLhNwuFRFwA_-8dwhhjjaxO3tLCtfUqAB5jKRcz6_V3wL44W4RHZIEwiQjmZDvqxpvNO-0CdD2Oj0u7Qytk12aI05VUKJqpG-1T61-dr-AqLVdU2R_8ipapCyEImmXPIMDoGp3MI9b5VVz6Kq-tb5X7SAp_QSQDRLv4nHKO7LLXHGz_tyopcXOnfTKoBgJZPJpQMyp98zz8qGD_cru9IKym7he2ovBCxoxTHX5Ov80fUnVncxkGjkljR1S6Q-1YR-Jepk63_LEayYDz3EBs4DQrQRcSScpauMmrgHeeMOED2sYMkg2-5is3oWTp-g0S07DUhNODlgOjFoFB5431XAIiyGBcDcvTe3sHt5F3ogPJvbiFTZqOG6IHaHu9D9QtRpD0pJExJr4pUV3W43rVVorMeGm3x0kbceQ__aCux4rGpne5t8gKtZ3rx9Q8QznY7hmK7vqY5VaR4w0qj2c2n2CloCcnq5etwnlV3anEwsankZmpiQi4yH5WLSwQiqkwMbCEyPcag8fKwJ8wOPRRaKrvkO5-afKMgVecOKm4uiJHOLu_q4u9qAZOj6AvhNeY0l6zBHG1D5XkL7areY1eb87oD2huCmFYelPVnVx7fDXFBuMFprtkR_B6NG0BzL1ziGRac_DB61xWeuljwhhVxcj4u1nrtg9NF9sdtP3LcaisHdaek5IcSIav4ZHgxOWLH-JyBMp8lgZygAX11RacCERIJgnxS2AmhRXkOUFwc6KOyvXDVGKODux7CzMox9zj9-LP-acc_s_M3AviEzNr_8-OIkUhbym6VaLbK31GCBkQr76lR8G5iyZCtB_v8JjMFI9HYqKZA&cid=CAASKORo-DguqnnEhu5jPTMSbnY0UPVVNgv6TODCiaDzd93rZumL_b5UeZE&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240
Frame ID: F6D5CE1C7124EB3AF5D33489C5E1E997
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNWI6JePdSZBE-twYrFDYr7wmvNhdT41itmgK9gjLwTghXWYoF3iAu_k2H0i-jTuXnhkK_6Ka-fExANvz_WCwF6FIbOFKEaTG7c0mTAoJDn1IVuB2udmUxq_Itlv9hSH2rJhgTPJ8zaxWoZfyx48_qHF4QlgdrANmj0LOfT4SWv01UnTe9mhJn2GNYxe6BCUb_N6p0f7T_zlCA56lg_n6yCb3f6bpA
Frame ID: 21700E8B12446F0C65478EBB4E15E561
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARvXgEu6_vUBYrYZUuvwNQmp6NW6omr8za39LdbABBWnkzMoJex0Wz9B2wHvVMz3-I_GdRpRpWHSSKTzBdhfgjbkyt2Q&cry=1&dbm_d=AKAmf-CgfXX2p2Jn4M-qo-P5Z7WguDED_YYnWepAPO7NyiFgibg8LZhKQv3b3jGeS9D8c7lCeXU8ltQK4ChSogSC1lERB1o3-lnPDd5-d6VB18fBjjanQaJDYH6Ao45UPMeWwaDhWk3nz-PjOg7veJaEpHc6HJ3b77omD0ZQY8knJCtfzHmEAQK9KGn5jZB70BLeogqOQv010RGnfcod59uSl5NEi8nsYCzf8N-zZUAGkJGv8CtcOkpyT3e782iTcIKszZO8UQA3QcG2CfBL3wd-8fuYWedb-GfvaXpFDcNfFZkMTCyaNPLRaTLgeKzd1x6zurszCIk7PqitRrbjLhNU4J4Vlmz56DY942Fa5V1EOrVxqhf42Zeo3ltRZqEdWdjVAuhuc-izLDvfsRodaLDr9w1I4-3wp_0264oJ-XXF-DVXsSbPD_8eq36U-pnd8N0CwsSF_mxFuqF1RwW-R4IW-VS0PPtequxXQ9I9T8a7oYmhEUqZOwMFngj0XcNJrF2u1GanrKWgIwNy_nhIIYwxxH56z9vGZLb2916k91oRhEUycjMLiGG1MZQYMtuo7ckO4PnSrP_MBCsFhgm6f2Gjx4AlPfDcytlSMvkhKouNnLVwitadg7kJsmEC02rFx3-G63DxYE5ABesVtBOz_IgUwdiuUCGpdMu9y5AdSEPogloE8ietbPz6QpD3kEVHANHzW3VYKWt5AZMVVZVD9Kx_tth4paEO9mV2QWsOWcOezC-73T0s96u06px6CBL4KjEYbsxRNIv4oy1AumaF1_8QnPGkGOkqm24UFuujoEoTzbMU_CUlUeWk-jO-XYoG67idIXuSizJ05hdlETm51_xepdditpPK-oJbR0oSLUn95jhgIHVJN3JZYG6qljiYwEvwQ65q74Ik_KMAWBjZzWWUEYDrlGd2ozUVAQF_EpWtZkQHG-HWtkfY-l8O6p02Riw417a_yhfbp2A66x7W_o8Et4GrmKStCaeaUiFcldiPU-K1DxB6NOhvjgTyVSmz7S20_sO6GHHPLVkOXX7s4UnBT3oGfxHkrow1hlEaDurMVIycC2rETDdgyvKDvnEx6I2sHLnO6fSZarB0Kn0EglZWCQK8oX0TLw4J2TczYQTv3lWudruz6T8eJAVrQn1KI8G50ZQaoM_d9Xh7NSpTlml7Wj4mBOHsTHxoOXAmoYNHZNPECtWaA4LhkGbwQGxng7VOFEcZm7_6SvLF7vk3-akqvS-iof-SAfJflmAI2TK02zUXxah2gMw-nP61DDBdL68RYxhtP3-LLBBF97Vg3xcsIRZ-al4i37aSrMrp6XLNn3sDV9rF3sdAEqdcGNjedYCH3O5-L55okiTfrvwqc4aqPekId-CiWPn6zF61ceZczw-IIDtDB4Y9YklHl4qWDjIoibg_HJxo6eL39_2vMdU_55BiSWr3W6uYWt0KJyGtdYuTiyXG8Q-YtMM4zRxGkt9wLkHeSb-Gq0GBkZrlIUPHQvCnJkjrqvNMzdLfbGezahdifIhGVqvwCV6R11tm89qZKSesgjlA_Dgf5OQXdXontEkRHnrCidpum1l8g-TPy6HZXFUVhpj5UesZXnBFkKEBQlCF255q5nW7dFIzrP4KvimEtrtkaHjNsULQi-AepMrskVIIf9M22tC62RfYFSDYO7VPxvaJXMbt30aSYfcS6Gp68rnVM31q3cOuxVvh6R214d9KHf-PHEDhFtUFGkjgUTxgS9UisxqbxsBxShFfxOFZgeJlTRrVMQYQ5l3P_MxhlXoDynJiO4VI4N8UBBUYtEOqYNFWB4Vtq4GQF3OykyC0vr75Rf7-TGU-NHYYqOfik_8avRLTWYQzvFc8l1L5FU_3zaHs_jgiD3awDFcTE6W718fzlgJ5UIA8xRlgEpb-3oPLDZlAYNT0EkEmPJXAoPbTke3G4PN3fkhN7nZlRO5pn00KBXHOmUiRAogtA4ChCQdd_dtyc1fJwpW4SPCJP7_8llM94VzrwskTh6xpV9ArB2KyeBY4wx23z53-ooAjOSywg8DaYc-1LbVvqMysAXXiI-ppNFgiRL4RzKQ4_STY24a8uWHRmj_OKzmAZMpG364JlGyicGry_zYuz1DufRYa3nMy_V04QmdnqW1RrrMrj6UI_LD1MmdcWtont-sOYTV4IUWSIRPBfUeRs3oVMwcs9A-UKkbN5TWYtMU4D_lpjYba69AbezCZu7vyi5UqQ7DaYb1ifXBoYDAEX0rHARKhmm2_T-FRBSMA40biOhnlTXfG6zWm8Y2ELhCylYzZZblUrT3AQPCwSa5cAe6JVURSgN2jv9r3LtKN_LwvvBIUowYz_fShm8r0hAgZWtUTE2MrhQnzf5_1oXlUSJKWA97u24QvYcTkE6nFJMppGVGGaM_-hsxCbppdJb6k57Cg2QVkDrqR-1QyZSJvgMVnucN5oIhZG2D-evmfyHdioJM_F41-0wfzy4OXfT3KerT4Nt86jcxNavMegCUHzOZJ0-_uGi1cWeZBw170TPtTGcBNVFc-tEuWbjbDSZQ2AuH9iPeZR1rEY1q6S9ykcpy8B8OUvEVUBNoAlGU4rJK9cNZaNo4lsctTkr2FNAfetrPxhAihTCnnAWzwCyk1UStc1Qnm9KHWFaQXMHgAIhTf1sZHoxfs9t8-gOxlJNUIk56GfeqEaGnf87UfozZ0iOoaSxD8RzZv7icj1tIqXc4cuV_gC3JYjZmqm-qLxPSsOD6L8B9_59un5U9WdCUfVtAy-akPvOsdr8LPctGEkRiA-27LSeTOaEnq1LHkKGbhh4w7jnWt2ehrIWFYBgFTUDpF_GpVcoTCRFxJEtUj93ny1oLvGhhM2fbwrcWeSRMvPs-1CXqvq93Hamjlp4yKtV7Vwk9s8mequFbMFvZ9j9jlIdJ-m3yGex5YyD9Md_qTbStDOAKEfx7I464A8x2nX4X1KhiTH6xYe0RK-FUFl8iZYYtzGpE5o5KqED9XxbtGCS8zRhLjt_Q&cid=CAASJ-RoaNQbSf-gfK6GWj6-G3WU9yzazpNyWK88tkhD9_IjthGN-AlRqQ&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240
Frame ID: 1BDB93FD36DBDFFFF10DD5CF55C3FE8C
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D35389C7322B319721370792765CF506
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B2CC27817451A9B4741C64F45929193C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AFCFCDDE8314FD668D244B3119AF2436
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41C9D54D5D1814BF88BD9725A1F3F093
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E3982BB54B628594B562FA88BE3137B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 440FC97AFC2233D6890F6178B813F58D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE08058EA96786917A0ABFB8977DB05D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/0z5hcow6htdc Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

241
Requests

89 %
HTTPS

0 %
IPv6

26
Domains

36
Subdomains

33
IPs

5
Countries

2692 kB
Transfer

6190 kB
Size

22
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/0z5hcow6htdc
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://mobilesafe.shop/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/0z5hcow6htdc Page URL
https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bUgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

Request Chain 166

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1

Request Chain 168

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Request Chain 170

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6DlLfYsCwVR0JumgyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5ODI5NDk5MTc3MTA4NzI5MA%3D%3D

241 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 0z5hcow6htdc Show response
www.file-upload.com/ 21 KB
7 KB 403ms
184ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f32a29cc858ac1034166d22d9f4c4cf3d7bdaf782091a385073c3acb3e534601

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7121f2a7fdce6b4e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 27 May 2022 21:47:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 26 May 2022 21:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BYjg6CXw509hC%2FhQUQY%2BG3xbjSugxEjC44KQCcytyE7bUv8DrMqFqTei6UTghW65HZoQFYpjsufJU8VQoLv%2BqlQr%2F7b8maXd4H6v8BDaaEVasaG9LwhnkBLMhfejHH8pRqw6Ppp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 app.css
www.file-upload.com/mngez/css/ 247 KB
41 KB 117ms
115ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711138
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2HxJ6H8T5YH83Uex915Ynx4doP2vUlaAy2pMMppMrD5Ek6Z5Tru6y53CStLI5tJ5svWaPk5QTuxcaLnzzEedj8LREAvZJofDb8ueCNsl0xOAmrGt2Oxr%2FpkT4L%2Fu7%2ByXWaInJ%2FZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 20 May 2022 16:14:56 GMT
cache-control: public, max-age=31536000
cf-ray: 7121f2a938746b4e-AMS
cf-bgj: minify

GET
H2 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 113ms
112ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441424
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"5be576df-c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ua5Ali6HsAc6QUB3yqJDFffQDzOQtdY%2F5yxjS0w%2FLLGPeHLGDCu2bSjFhCTQvIPsTWUVev%2FAwZtxrP%2Bq1LhbC8r1ydbl6YBGN393Veti8Zu9QuBQ52GZ2juhcdwLhMpkwwYIpma%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2a938786b4e-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
d26adrx9c3n0mq.cloudfront.net/ 492 KB
158 KB 639ms
401ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: 5516590d2761290bdcbcaf2be9f79ef41810da1d197ea2fc0b23fec9093941c3

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 161114
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: 0bGkaFLkXTacfcQ2S5SfFbIOBFu-IRWDZ176zlVCZWS7NUsdE1CJgQ==

GET
H2 200 rocket-loader.min.js Show response
www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 102ms
101ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 09:50:37 GMT
server: cloudflare
etag: W/"628dfbed-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v274eqPzdj4JC5VMbHSes0skNmpuQdSF1ZhnqUIDvVtvMICymVejIk7WO2JSEcdvrVXJq83T6%2BE6QTU%2BIOd%2BkhJlShY7MLbyFDyJpGueh8RYU8RjdvYJUIu5mpYgJ5OOAFY4Zza"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7121f2a978f96b4e-AMS
vary: Accept-Encoding
expires: Sun, 29 May 2022 21:47:14 GMT

GET
H/1.1 403
Forbidden 01105f188a1c32226733edcb09dd3870.js
elementalantecedent.com/01/10/5f/ 0
0 639ms
199ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elementalantecedent.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 27 May 2022 21:47:15 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 / Show response
d26adrx9c3n0mq.cloudfront.net/ 163 KB
49 KB 507ms
269ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: 8eb7bcfc3fcb80c29ff183bc561fefb385db9ba1875e51f7bb1d3baa341b2f88

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 49634
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: BnIgA4PqUIYDbRW0RA89TRu9FqMIzjDj0Xs93Wn2Jd21NG6ynUqpzg==

GET
H2 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 108ms
107ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10423349
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw%2BMMdjjeAbuDPltYWRGIxcaAZEspZ8HKx071LrACk8xPxe%2F7br3qdZKP6XW8V%2FE0B511EmDO1eECFAKCXO0XgTfecu%2BQSfobLmgsTCrLVjNrP07uAHsQa6dJryr7Y4MXarwcn%2BN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7121f2a978fa6b4e-AMS
expires: Thu, 03 Feb 2022 06:24:45 GMT

GET
H2 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 173ms
172ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441424
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "5c26aa0b-281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzig64%2BXHx4lNeC%2Bx1o7ac96S7%2FFB0DeW2KbkLRgcbGfMFKeDqbD1HkqX2vG84QKJbYMU84HcDE1sdV9oA0uDZS5QLLbvSZ4Pim5jd8PwFp%2Buzo6Sm%2BwUM%2FvjFUyie7qqzMx2vnf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7121f2a978fb6b4e-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 586ms
97ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Sun, 26 Jun 2022 21:46:55 GMT

GET
H2 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 173ms
172ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441424
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"5be576df-1363"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEZr5a332ccx3rKUwT6zRs%2FCf4letyltlVsuNzFmXUyFsa6yX1grSQe1kB%2F8AndniW%2BVADD8XBYzl2znS1EwoOTf%2B7SHhKHoeUfqrT86Tn%2FKVszPD5O%2ByF6nerFTbIMyOGMiTQ%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2a978fc6b4e-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 416ms
415ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441424
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"5be57753-3aae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIWSMRQ2pp%2Fw9VMPtz3BoU7pcWdZUKVIGlWb5FcSR5sLkgvLr%2BidIYGeKZP%2FFW67sD0IFqH08p7%2B9hk4obAsVD1SEEGkoh8a66nZpV8oRfzGAa8v6qCvfYxaxuynMR40pml0%2FO0v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2aa39a79799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 118ms
118ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7149
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "12d68-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PacoXog48v2re%2FqC%2BB%2BjykeKoxvClKiG0gfuEpfwzzBs1ueTuutxi4a3c1sCKMZfnq3vmvDYv%2BBl%2BBsWts5%2B4wN2EP3gjEY4qspJnxJZ2yAyyw7Al%2BHGmD9HhuoMDg7KL7iAoine"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7121f2aa39af9799-AMS

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 216ms
216ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7149
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7904
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ee0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQUaK8%2FATLV94aKFKBqocToDOxnP3y%2Bkx1ZG3seEpr9tZ5aJw715ZFPjZz6jfutqZqmii%2FGMuafC1AfQi9xt%2BIOc9gRMZX6LAGRD1MTM1QlRiUR83S7bChMjUNx8JQv7539k8qWJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7121f2aa39b19799-AMS

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 8 KB
8 KB 218ms
218ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://www.file-upload.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7149
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7884
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: "1ecc-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVu%2By%2FG3dSUaKq1URVXDN9U6IspjOEKZWL8oOKj8Ym3vTrbR45FDLS1pasobZuQKUA1I4IAy9WqC88HCToMoT7eR1xU3kX0juDuu0fGLjb%2BWYUchqtf7Hg5I%2FpzyfLA9wVtwdbA0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7121f2aa39b49799-AMS

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 437ms
213ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 21:01:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FLWIstAQzEP%2Fo2tMFYn45zFyRgRrGmgmi7IhwTC5QwvZ2pS1iNv%2BUMzlrLj884u%2Fe4vRsGjRNMsdji1%2F9TWICi6FVT0sqLmzc5qmaRoOnhaqNcIpcdo5PHGK1ZPH87U"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7121f2b02bd575a1-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 25 B
351 B 437ms
214ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a00c9fbc7e14c7b6c5c7c680dc34636b485a24a8f9918f4c8b19d1aec5e2497

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFTTGJdCB7v%2FyyU%2FDlsIxB1KsAS9myfWm3nYV3LLsy7dwDtDCt2ec5J105CYUdzWEL7iq%2Fi%2FOnDGJ532xnxz9Uli0TxwKLOemXyPxSrPWiZabp6VbyDPkWQLBtxhPeKm"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7121f2b02bd875a1-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
denknowled.xyz/ 0
491 B 627ms
398ms XHR
text/plain 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=oLA1HC6bPIr0&top=www.file-upload.com&tid=888398
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:16 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: MhemkPUshzkNYuFVkMaetqb3rvZK0a9ewqt6j1IAvb9Z_-_C6m02hw==

GET
H2 200 Az1ZBWE0fS53TjYpABFOHS0BKlNiLUx2dBMJLC14YwggJ347fSQWDiQALXUOCD07PG8ILg0mfmE4MBJkIywENA4IeSByeQRyJAl1EnMIPUJjLwR9BQgkOzJ6BxgKYlwjJQc0CwFyOS9AIzNcNlc9KV4nQw Show response
denknowled.xyz/NlBKaURXMikEe1dtKE8xRDx3THZwdXgvIARmKw02TmkpWioGPTtHJ1o/Pw0iRD8kHWpYNT5MdnAgGwIobwcdWSx8OhNMdnAFIDAjZhcYPyFYFjgwAmA7AxA3BBEwI3R1Bw9QD2JoOCACUScBLREAByMsfFA5ejEOWAIlDzNzOgATfV0DMwoqeW... Frame ED1A 3 KB
2 KB 388ms
194ms Document
text/html 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/NlBKaURXMikEe1dtKE8xRDx3THZwdXgvIARmKw02TmkpWioGPTtHJ1o/Pw0iRD8kHWpYNT5MdnAgGwIobwcdWSx8OhNMdnAFIDAjZhcYPyFYFjgwAmA7AxA3BBEwI3R1Bw9QD2JoOCACUScBLREAByMsfFA5ejEOWAIlDzNzOgATfV0DMwoqeWIYCh51N3ImdXRiKBAzRhEjBXR6FB8xCWUZfyYjc2QAB3BFFAJRL3gpBywIXwV/DwIOFSwhHkYDAitxVRN+LAh1YHklLAM+L1sjBRcdDXNXFyINJn48cwgtDz4vWyNDEgkRYQQWKCE8UxENETVXAhxZIm59DFEcBRklIgddEgATcA8fPTA2Zgh7Gw8FNHwLd1I1Li48RzEfPDR/Az1ZBWE0fS53TjYpABFOHS0BKlNiLUx2dBMJLC14YwggJ347fSQWDiQALXUOCD07PG8ILg0mfmE4MBJkIywENA4IeSByeQRyJAl1EnMIPUJjLwR9BQgkOzJ6BxgKYlwjJQc0CwFyOS9AIzNcNlc9KV4nQw
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 9e3944598905bf926d2597a605a850a1ac6984826411083e101c648093521f45

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1239
content-type: text/html
date: Fri, 27 May 2022 21:47:15 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 9vsWDCaNfTu_nqk4XTfYl9vYSbhiugTzAZkfxXYaadN5Ki-vMzprCg==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 296ms
111ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 21:01:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db3V3pDPZvZbDQZHhBqVIvPLP69IEjyIw8MHQusBsbQE%2BgidluGqUAV31pL6Xd0zoqLdARsmWGIGJTfafm1iDVaxa1vAOfXg7bDGdTfHImpYIgdJEDBFIRnFrnycrLQH"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7121f2b02be275a1-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
373 B 496ms
311ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b3562f513d11315be34fe8d56aef262a2bb7c6382cec640668c3af7b9a0cb4

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2snrEGISU2PZedvU2ufgSC9%2Bu9eSYWcnWrb6f4i4EC0pxJ1bG4yRJnbR3QOGrIgFn0K9pvcpQZiu%2B%2B1nvSHAZJeYVTVQOiOZQoJkrGmRRymMkJ42nJ5GA1JQqYPsY4iU"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7121f2b02bde75a1-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
denknowled.xyz/ 0
491 B 385ms
195ms XHR
text/plain 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=G6HjFXOU59k6&top=www.file-upload.com&tid=889766
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:15 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: vS4nSKcKV7qofkutoGV_7oasRkQhPDJJHDpzg21BR1Pi04vEHHh-Bg==

GET
H2 200 ODsHLgYBQTkrcDMuJDlTJQFCJVNZFR0oUV0fMCsHJi5EB2MlNBwvfCs8HztlHQ4jAUYLJ0Rdcw8wPShQAiAfO2BZQDEFfyI+Di5lDR9GNVMCNAY7cB0ANgJaCFAdH1kHBkolfjpGAQ94OixOFlQ Show response
denknowled.xyz/aXZ3bDYIFBQBCQhLFUpDGxpKSQQvU0UqUltAFghEEU8UX1hZGwZCVQUZAghQGxkZGBgHEwNJBC9GJStCHSUvD1grNzoaZS03NC9uOyYRKnwIEEcqXygkQwFxPSQgJncsHRMuBiY0Dj1TPB4UHmM9NyUvbjs+LgtVJDwPLgM9JxACcCEaFj9PDi... Frame C666 3 KB
2 KB 457ms
285ms Document
text/html 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/aXZ3bDYIFBQBCQhLFUpDGxpKSQQvU0UqUltAFghEEU8UX1hZGwZCVQUZAghQGxkZGBgHEwNJBC9GJStCHSUvD1grNzoaZS03NC9uOyYRKnwIEEcqXygkQwFxPSQgJncsHRMuBiY0Dj1TPB4UHmM9NyUvbjs+LgtVJDwPLgM9JxACcCEaFj9PDiI9AGwzFAAhBis3LVx3EBElJF8gIT0bVTE8GylOKho2B3EtQjQtZTwhLjpdGxAxAAY9Gk5ZbhM7NC1PWS86FF4gE0cPRyFGH1tkWiAVPQUFJRMVWiATRw9MKBE5SQQvJ0UqbyVEDypSKzgVCmBcHiA6G1kZNRZnITUzWGUjETYpZj88RSBgAUAmK0YwIUUUcA0zOit/ODsHLgYBQTkrcDMuJDlTJQFCJVNZFR0oUV0fMCsHJi5EB2MlNBwvfCs8HztlHQ4jAUYLJ0Rdcw8wPShQAiAfO2BZQDEFfyI+Di5lDR9GNVMCNAY7cB0ANgJaCFAdH1kHBkolfjpGAQ94OixOFlQ
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3aaf2e13cf108f1df8d17ba7d00482f1c977a219b7d969c202ea99637946c98b

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Fri, 27 May 2022 21:47:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: duTMXG_Mvj-ihVwZ7Z5FMiL6GKEaUN0uYHOhg-DyKL3pW8Ozsbe4Ww==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 376ms
213ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 21:01:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt%2BPurNxgmENegkKkX1BICQN95b4Ye7V8HexSD89rKGdB6IPtpo7ix%2F2X1cqWS7wmHAxihRfi5Azi%2FXcAL%2BKz3c7xSp%2FBivMUudqx0m8c6WKGB9zYaKTwEHpX3MaOXEX"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7121f2b02bd975a1-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
368 B 376ms
213ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f044d18ab336d679054d3fef48dd77f16f5b08b1e81ccd5b1efa8af53d48e0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OakEWGVG2WrOkhjh15UkQHExFXik4Mrmgbin27I0amOpZwDVul9rXrg9jgtgiDGb5DfPnRNt8IW9R6r8%2F6pyXPF0HeflxDX7tcl5a%2FNVYseMfoPwREBn7fszDA5tagd4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7121f2b02bdb75a1-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
denknowled.xyz/ 0
492 B 452ms
284ms XHR
text/plain 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=lLJUwqBMI8lm&top=www.file-upload.com&tid=922253
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:16 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: t__Y4GXdSn_HFkqBlSfJwDxe2pdVjNug-ICU1x_K0ndDyrOtpl1MEg==

GET
H2 200 NQd9NTAGOXgNJQYYGRwgAQYbPigHAw4IOwcUfBwxEnAOHgoVCQ9pFTYXJBw1FDl8Pzo3dCkRMBYDGgEgFhkgCzERBA4ANyd0Lx8waBUKGxYTEA02JhZxBhgkBiIvCDQGGQYLFhMQDhQ9CAQWHCMGEzsPJxoUBC4gFRYZHyQRKWEcMxYAOAEwKBQLHTQjBBoPKzgDf... Show response
denknowled.xyz/UEFMWXIxIy80TTF8Ln8HIi1xfEAWZH4fFmJ3LT0AKHgvahxgLD13ETwuOT0UIi4iLVw+JDh8QBYbFiM4JyILCDcIE3gOJSgPLh83YSUaCDATExo9MAcAAT8xOCIcFBoZCwEOHTIINjoKATsoDjcScBsNJxICD2g/ Frame D6D3 3 KB
2 KB 347ms
196ms Document
text/html 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/UEFMWXIxIy80TTF8Ln8HIi1xfEAWZH4fFmJ3LT0AKHgvahxgLD13ETwuOT0UIi4iLVw+JDh8QBYbFiM4JyILCDcIE3gOJSgPLh83YSUaCDATExo9MAcAAT8xOCIcFBoZCwEOHTIINjoKATsoDjcScBsNJxICD2g/NQd9NTAGOXgNJQYYGRwgAQYbPigHAw4IOwcUfBwxEnAOHgoVCQ9pFTYXJBw1FDl8Pzo3dCkRMBYDGgEgFhkgCzERBA4ANyd0Lx8waBUKGxYTEA02JhZxBhgkBiIvCDQGGQYLFhMQDhQ9CAQWHCMGEzsPJxoUBC4gFRYZHyQRKWEcMxYAOAEwKBQLHTQjBBoPKzgDfBc6Ay0dHCQFCxkNQzsYDhgZHAd8EAgBFxkaOhIqHBgaNAIdGD8TFB4qFAQUBRgjEgwBHyRgJQoMNAYlCTE4Ay0vOiAVDy8BGigJHTI0BgArFCARJhYYNQYXGxAjNAUeaQIFAwoANAcXFX8YIy4iKU8SIyEPKjsSHw8DFw
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 7db0fff82d0380709df98b2ab7fd5285dbee6f0e492b3ce3d444c41e9b6a2379

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1228
content-type: text/html
date: Fri, 27 May 2022 21:47:15 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: aGIxXv6RNrrKxef3PXRkA9YlrOPkX58aCpHldKCjppylXjB4D9p7ZQ==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront

GET
H2 200 KTw7CxgXHgZ0eRUnKGMhMw Show response
denknowled.xyz/RlJLNkwnMChbcydvKRA5ND52E34Ad3lwKHRkKlI+PmsoBSJ2PzoYLyo9PlIqND0lQmIoNz8TfgAoL111JwYdURoPFhpEFjEbJmYiBDUfBSA0Ngx0HQwBIF8CIQgyciQxBwRBfTAaIgYaATgoAiohG3pmIgQ9HnUBcRsxDwAnBnNcA3YmbgQOIB... Frame 8503 3 KB
2 KB 423ms
284ms Document
text/html 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/RlJLNkwnMChbcydvKRA5ND52E34Ad3lwKHRkKlI+PmsoBSJ2PzoYLyo9PlIqND0lQmIoNz8TfgAoL111JwYdURoPFhpEFjEbJmYiBDUfBSA0Ngx0HQwBIF8CIQgyciQxBwRBfTAaIgYaATgoAiohG3pmIgQ9HnUBcRsxDwAnBnNcA3YmbgQOIBE8DgoOGD5XNXYKKFwvLxsjDiYIOzMPHgc+PW9+LgYtYTwqHjMOJBY7AkAOESIkUBgfESpbJH8zHmwkJz8jRAIBIiRQH340AmE0czQeYwIgYXJZCCg+PmwEdxctTD9/GQlZPQoBLAAEFQs+VwspJS5bYSpkL10aczR4DyMeOxpPAxIHKlchIR0tYx5jYA14JRcoDgQ8KTQfDhgKFg5fLxAcclclciUJdQ11GQMHCQUFAQYoLQgjVCJzNR8ECjI0eAcJICsgRRwuMXJ7fi4jBn48NjclbAojCjwCFhMxbVw/KTw7CxgXHgZ0eRUnKGMhMw
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 0742bc687d6f504eec78a16afdda860a6423cb06cda1e823dea507c6953add67

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1218
content-type: text/html
date: Fri, 27 May 2022 21:47:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: j0JwKzS1N24zjtc2zrW-xFsDF0bG3Lv0hFnky533vva94BrurXkGZg==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront

GET
H2 204 SmhtAXRVfj8EKANlelI5ECwnSXhSbXhCcVxoeE15V20
dinterperson.xyz/SWRYS3RmWzs4SRxVKAcVHSY0Ehp8ABl5Lj8CNA43EwkSbkYPMQkaUj0NPHZMcVxrckxvFDEvSXhCKz8VPRErdkVvDTYtG3RCLnZFZ1dsZUZ/ 0
483 B 412ms
192ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/SWRYS3RmWzs4SRxVKAcVHSY0Ehp8ABl5Lj8CNA43EwkSbkYPMQkaUj0NPHZMcVxrckxvFDEvSXhCKz8VPRErdkVvDTYtG3RCLnZFZ1dsZUZ/SmhtAXRVfj8EKANlelI5ECwnSXhSbXhCcVxoeE15V20
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxi7v6VYJqhrqolcVyCP7MkmSKSRQvtjQiaJ8rjgOeUG2Ct282DzHY696XCfeEeqPGvt8jvmC%2FpGqkLrKcoXKo%2F8LM2%2BY7ljd6CoE4%2BE6ZLjD8RlsTLRm%2Bztu6B873%2BiWlc9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bca597a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 755ms
526ms Image
text/html 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-mini-shv-01-frt3.facebook.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 398ms
170ms Image
text/html 142.250.181.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 577ms
349ms Image
text/html 142.250.181.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 Nlo5ZWsZZVoWVmJpXlEyWBgMMTpeCWstE3kebyssUA98Kz1dDx8RAlJnAV1SAWwPQxtfPgRUTUUuWBEeRWcIQwJYPFZYTUBnCEtYAnQLU0UGfExYWhAuSQQMC2sfFR9CNgRUXQNpD11TBmkAVVwF
dinterperson.xyz/ 0
248 B 423ms
204ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/Nlo5ZWsZZVoWVmJpXlEyWBgMMTpeCWstE3kebyssUA98Kz1dDx8RAlJnAV1SAWwPQxtfPgRUTUUuWBEeRWcIQwJYPFZYTUBnCEtYAnQLU0UGfExYWhAuSQQMC2sfFR9CNgRUXQNpD11TBmkAVVwF
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwHzAxI8xw11mRB36xGzJvt4Zgdz745z%2FTpDn6b5zXIgkpv4%2BT34ltSYHYkh8WX7UCpnsx7wd1C6RNuzhd4MeTgDIxHWnGn1ymv3%2Bh1d3BM%2FOQXbjxHKj91WCGbm1NJWyGnN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bca997a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 A0ExQyNVWnQVMkYTKQ5zBFJ2BXoKV3YKcgtS
dinterperson.xyz/Z0UzQjJIelAxDwYCYQdQIDVqFHohH2sEQgQmZRBUPxNhOGVWCBU2WwN4CnAAVXAAZEIOIQ5zFBQxUjZHFHgCZFsJI1x/FBF4AmwBU2sBdBxXY0Z/ 0
246 B 424ms
206ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/Z0UzQjJIelAxDwYCYQdQIDVqFHohH2sEQgQmZRBUPxNhOGVWCBU2WwN4CnAAVXAAZEIOIQ5zFBQxUjZHFHgCZFsJI1x/FBF4AmwBU2sBdBxXY0Z/A0ExQyNVWnQVMkYTKQ5zBFJ2BXoKV3YKcgtS
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFv2Rb1U1R9YctoEYat9Ridt0%2B%2FukftJax%2B7H5c07Xb9LRcB5DWokXz3DuwHOrt3FxmqK3RN1AlXNcxZ6agPN2v17MCz9fg2a58m0Lw%2FykyYoaiNRrjWmME%2FpK7kgUSOZMbk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bcab97a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 YkhyTWdNdxE+WgYlHgA2DgIiGi8OMhN9PTssKikWNiQGewQ1GVQ5DgZ1SnRRU3FKaxcLLE98X0Q7BiwTFztPfEELJhQiWkQ+T3xJUmZDY1dEPU98QRY4EypaU24CORMOdUN7UlF+SnVXUXFDfFQ
dinterperson.xyz/ 0
243 B 412ms
194ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/YkhyTWdNdxE+WgYlHgA2DgIiGi8OMhN9PTssKikWNiQGewQ1GVQ5DgZ1SnRRU3FKaxcLLE98X0Q7BiwTFztPfEELJhQiWkQ+T3xJUmZDY1dEPU98QRY4EypaU24CORMOdUN7UlF+SnVXUXFDfFQ
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbcV6R35PEqsiGBUtiqcPcCJBlgPD64lkEJXUE4CqYQFwDTke4zkd24cFx7%2BYms%2Blbp4ztDgoAOrMO12Ye0FfrrY91iGdP0ae6Naw9WBpvKN%2BTpTHtOXQIXruuIzMVq7MnXg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bcac97a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 329ms
212ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 21:01:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0tI3g1T9g45IiWCSITRNDQgRnSm3ErNBnfI%2BPIBvzO95D09MHlOmRU46%2B4V3dDq411XtBFMo%2FlTvmVBLPBbxDXU%2F%2BiIJYlF2ToAwJt8jZNyJ17uffhjbSDG8MAoEoRa"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.file-upload.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7121f2b02be475a1-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
349 B 330ms
213ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641d57ba11db0160099817a3c822a1b5c1b96822d1838e3cb46a06780c656d8b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.file-upload.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMnP9DARGu9fo%2Bl%2FrsNTl4nFOnZqCz4EDsaE1Db1aAFtEtvHheUDuZdzcQ9zZuibQTA3OtfRXW9LYMjLuQEligJQ6HdKmsPXRSX5kgnrnZchLoKSFia8ZkXBqQZxLgMi"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7121f2b02be075a1-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
denknowled.xyz/ 0
492 B 407ms
285ms XHR
text/plain 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/utx?cb=nmeyd7p9ErdR&top=www.file-upload.com&tid=888399
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:16 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: rlF1OfMkNqV0sMnjjrVE4uVt1LhodEgDPNj_XWubWz2_K-82CRjR3A==

GET
H2 200 LxwsKB0AeGQOKQcgMlkAPwUjEg1ZehsN Show response
denknowled.xyz/TkJkWmgvIAc3Vy9/BnwdPC5Zf1oIZ1YcDHx0BT4aNnsHaQZ+LxV0CyItET4OPC0KLkYgJxB/WggJNQwEGBFVEwEAKBcuChoXExcwFDMBDS4jIQkuBgM7PTE4CgQPHhA5GC0ZUA0nCQMxAwopf1oICScMAxQVVH9aDAsgOREqLDUxJjQYVgNaLX... Frame A0E2 3 KB
2 KB 304ms
197ms Document
text/html 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/TkJkWmgvIAc3Vy9/BnwdPC5Zf1oIZ1YcDHx0BT4aNnsHaQZ+LxV0CyItET4OPC0KLkYgJxB/WggJNQwEGBFVEwEAKBcuChoXExcwFDMBDS4jIQkuBgM7PTE4CgQPHhA5GC0ZUA0nCQMxAwopf1oICScMAxQVVH9aDAsgOREqLDUxJjQYVgNaLXYpCQQ4JjxiAAE4VCsyDQMIFAEfZ1YcOA0XVxAwdiUvN1A9DA1iAR4rVG4LBikxPiAqLgY3KjYhNxMBHgExaCEkKlc5WiV1NGkMNCMzCF8oCiJiMikuVzlaJSstMBB9IDwYXAsFNigyGgwPPjAMNQENISkJN3c9IAweA1AAOyVtJhY6Ch4/KjsGNBx6GCMIGhQVKW8jHXJQEFsqOCM0KnsbDWofHitRaQt8KR0WAgszKjQQOxssH14eFg9jJAo6Ez86HHc9Ehx5JCwMGSwaLmIMIzYTPz8HOyseJT8LJzJQFDVVNAsjd1M/LxwsKB0AeGQOKQcgMlkAPwUjEg1ZehsN
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 2dc5012f2278fb767667239106bd728095562596632268a66639647de00086f6

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1227
content-type: text/html
date: Fri, 27 May 2022 21:47:15 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: dutq68Kfe3tWwdt1znasoZSEb0PnEdBY8JrAR0O-MAlu7itt3Jjw7A==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront

GET
H2 204 Lg9bFRpYHmggKzsmaCkJMyEEDA4FIhY5BA1aCHVVWl4Jax0AAw1+X08URCwZHBQNfEsACVYiUE8RDX1DUUkIY19PEg18Sx0XUSpQWEFAORkFWgF7WFpRCHVdWl4BflQ
dinterperson.xyz/aWcwTW1GWFM+UD9VU3w/ 0
244 B 395ms
208ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/aWcwTW1GWFM+UD9VU3w/Lg9bFRpYHmggKzsmaCkJMyEEDA4FIhY5BA1aCHVVWl4Jax0AAw1+X08URCwZHBQNfEsACVYiUE8RDX1DUUkIY19PEg18Sx0XUSpQWEFAORkFWgF7WFpRCHVdWl4BflQ
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrChaZNXRdyzo21o20bojpB2GaNI8X936h598VyDk6IBn6vnEP%2BqK3H5GAu2GtER641EmnIyqrIInp7pKkDFz59HrWF5BJJykJn3IlYIrutZ6Ogft%2FwdkcMJ0p2BY58vge%2FH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bcb297a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 WnhlQTd1RwYyCg5IIxNSHypdJGA2NwYvW2kiMDVPPDANKmM0SEM1Xj5FXXkPaUFcZ0czHFhyBXwLESBDLwtYcwdqT0MoWTwXWHMRLEVVbw90QEtzES9FVGdDKhkCfAZ8CBE1W2dJU3QEbEBdcQRjSVFw
dinterperson.xyz/ 0
243 B 388ms
202ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/WnhlQTd1RwYyCg5IIxNSHypdJGA2NwYvW2kiMDVPPDANKmM0SEM1Xj5FXXkPaUFcZ0czHFhyBXwLESBDLwtYcwdqT0MoWTwXWHMRLEVVbw90QEtzES9FVGdDKhkCfAZ8CBE1W2dJU3QEbEBdcQRjSVFw
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F6LO%2FqiNIBb2Kv8oipAj5fb3ek03sXvtZxnIWslZxnEcM97eSAf3EpwaAVH8GU8EBzR3n10zTkS12zoqF2uEQAvxcdSWl7kqXX1GH5o%2F3yUPfSfB1KJTWCnoYC2OB0WTxc6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b0bcae97a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page.js
file-upload.site/ 22 KB
12 KB 975ms
478ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://file-upload.site/page.js
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 22:47:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11601
expires: Fri, 03 Jun 2022 21:47:16 GMT

GET
H3 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 123ms
123ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/0z5hcow6htdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29984913
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"6010b1af-3aa0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLCkoVgch9aEa4KO0Gg9GTM1gyDyEzF3sMtI27K0JmFajqWNSWOP4kODMa23a4k3481XKrNndo3aSmzeqBCcAMPVmzn8ZOPPxAwpXjWk8S1l9ehOsgCxPMiJp0TkXc2xeF3YQXVA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7121f2afbe709799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bHxeAGxqaRV0fX-F8X3IoKCkBJz49OwYrPX1rK3d6b3dedGxqaUUpISw0AWd7G3xfciUxMghne2g+CCEiN3BIcHk7MR8tJD18XwRxYXddbH1rYVRsfmp8X3I6OT8MMCB9ayt3em93XnRvLWRc Show response
d26adrx9c3n0mq.cloudfront.net/pQklYWW0hJjY/UjYgPGRVenFrYFVkIys2AzJ0CWE9KT8rIFgwKDU6WiE8fi0XJnRofwEjJz9kSycnO2RcZCg8O1B2bywpAil0LDUXMSI5OgE4Jn4sDH8kNyMELiU5fF8EfHZpSHB5cC4ELC03Lh5ne2g3GWd7aGhdbHl9ai... Frame ED1A 855 B
897 B 256ms
255ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/pQklYWW0hJjY/UjYgPGRVenFrYFVkIys2AzJ0CWE9KT8rIFgwKDU6WiE8fi0XJnRofwEjJz9kSycnO2RcZCg8O1B2bywpAil0LDUXMSI5OgE4Jn4sDH8kNyMELiU5fF8EfHZpSHB5cC4ELC03Lh5ne2g3GWd7aGhdbHl9ai9ne2guBCx/bHxeAGxqaRV0fX-F8X3IoKCkBJz49OwYrPX1rK3d6b3dedGxqaUUpISw0AWd7G3xfciUxMghne2g+CCEiN3BIcHk7MR8tJD18XwRxYXddbH1rYVRsfmp8X3I6OT8MMCB9ayt3em93XnRvLWRc
Requested by: Host: denknowled.xyz
URL: https://denknowled.xyz/NlBKaURXMikEe1dtKE8xRDx3THZwdXgvIARmKw02TmkpWioGPTtHJ1o/Pw0iRD8kHWpYNT5MdnAgGwIobwcdWSx8OhNMdnAFIDAjZhcYPyFYFjgwAmA7AxA3BBEwI3R1Bw9QD2JoOCACUScBLREAByMsfFA5ejEOWAIlDzNzOgATfV0DMwoqeWIYCh51N3ImdXRiKBAzRhEjBXR6FB8xCWUZfyYjc2QAB3BFFAJRL3gpBywIXwV/DwIOFSwhHkYDAitxVRN+LAh1YHklLAM+L1sjBRcdDXNXFyINJn48cwgtDz4vWyNDEgkRYQQWKCE8UxENETVXAhxZIm59DFEcBRklIgddEgATcA8fPTA2Zgh7Gw8FNHwLd1I1Li48RzEfPDR/Az1ZBWE0fS53TjYpABFOHS0BKlNiLUx2dBMJLC14YwggJ347fSQWDiQALXUOCD07PG8ILg0mfmE4MBJkIywENA4IeSByeQRyJAl1EnMIPUJjLwR9BQgkOzJ6BxgKYlwjJQc0CwFyOS9AIzNcNlc9KV4nQw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: b771a767034dabe8c8dc1a2145a991c7c26326c2abbcc37cb0111fba6a0ec017

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://denknowled.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 621
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: Qrq9QYva5GFfu30HjlDJtLz1SbvfIHrqLbFlZ9nSLA2HJE8_vdWmoQ==

GET
H2 200 ZZzJwcGQEXR4WWxNbFE1dVQBCRVdBWAMfChcPMhIJMWobIzcxQzdWEB1WTUBCC1MeF1lBVx4TWVYUERQGWgZWBBQIWU0ECB1BGxEHC0gfVhEGDx0fHg5eHBFBVXRFXlRCAEBYEw5cFB8TFBdCQAoTF0JAVVccQFVXJRdCQBMOXEZEQVRwVUJUHwREWUFVAh-EAFAt... Show response
d26adrx9c3n0mq.cloudfront.net/ Frame D6D3 655 B
747 B 262ms
262ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/ZZzJwcGQEXR4WWxNbFE1dVQBCRVdBWAMfChcPMhIJMWobIzcxQzdWEB1WTUBCC1MeF1lBVx4TWVYUERQGWgZWBBQIWU0ECB1BGxEHC0gfVhEGDx0fHg5eHBFBVXRFXlRCAEBYEw5cFB8TFBdCQAoTF0JAVVccQFVXJRdCQBMOXEZEQVRwVUJUHwREWUFVAh-EAFAtXBxUGDFsEVVYhB0NHSlQEVUJUT1kYBAkLF0IzQVUCHBkPAhdCQAMCURsfTUIAQBMMFV0dFUFVdEhJSlccRENcXhxHQkFVAgMRAgZAGVVWIQdDR0pUBFYFWVY
Requested by: Host: denknowled.xyz
URL: https://denknowled.xyz/UEFMWXIxIy80TTF8Ln8HIi1xfEAWZH4fFmJ3LT0AKHgvahxgLD13ETwuOT0UIi4iLVw+JDh8QBYbFiM4JyILCDcIE3gOJSgPLh83YSUaCDATExo9MAcAAT8xOCIcFBoZCwEOHTIINjoKATsoDjcScBsNJxICD2g/NQd9NTAGOXgNJQYYGRwgAQYbPigHAw4IOwcUfBwxEnAOHgoVCQ9pFTYXJBw1FDl8Pzo3dCkRMBYDGgEgFhkgCzERBA4ANyd0Lx8waBUKGxYTEA02JhZxBhgkBiIvCDQGGQYLFhMQDhQ9CAQWHCMGEzsPJxoUBC4gFRYZHyQRKWEcMxYAOAEwKBQLHTQjBBoPKzgDfBc6Ay0dHCQFCxkNQzsYDhgZHAd8EAgBFxkaOhIqHBgaNAIdGD8TFB4qFAQUBRgjEgwBHyRgJQoMNAYlCTE4Ay0vOiAVDy8BGigJHTI0BgArFCARJhYYNQYXGxAjNAUeaQIFAwoANAcXFX8YIy4iKU8SIyEPKjsSHw8DFw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: 349ba3b26599cfe380809dbc57ec5ca9e4949957a3ab61df2b98a5801dfa2b2e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://denknowled.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 470
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: 4NaGxi3GYIAgD6SxDCZqsU2kPA-mr78zMZgXuaLZOm_z6kIwj8VyeQ==

GET
H2 200 PCU3JX8gKm8sNi8iPi04cHkUdHdlbmBxcSIiPCU2Ijh3c2k7P3dzaWR7fHF8Zgl3c2kiIjx3bXB4EGRrZTNkdXBweWIgKS-UnNzY8NyA7NXxnDWdybnt4ZGRrZWM5KS04J3dzGnB5Yi0wPi53c2kyLjEqNnxuYHE6PTk9LDxweRR5YHt7fHVqbXJ8dmtweWIyODMq... Show response
d26adrx9c3n0mq.cloudfront.net/KQVlVS1IiNjstbTUwMXZqeWFmcmtnMyYkPDFkDxwZIC8CemYYMHM/KCVkZW0+IDcydnQkNzZ2Y2c4MSlvdX8hOz0qZCAlNiQ/ Frame A0E2 438 B
624 B 255ms
254ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/KQVlVS1IiNjstbTUwMXZqeWFmcmtnMyYkPDFkDxwZIC8CemYYMHM/KCVkZW0+IDcydnQkNzZ2Y2c4MSlvdX8hOz0qZCAlNiQ/PCU3JX8gKm8sNi8iPi04cHkUdHdlbmBxcSIiPCU2Ijh3c2k7P3dzaWR7fHF8Zgl3c2kiIjx3bXB4EGRrZTNkdXBweWIgKS-UnNzY8NyA7NXxnDWdybnt4ZGRrZWM5KS04J3dzGnB5Yi0wPi53c2kyLjEqNnxuYHE6PTk9LDxweRR5YHt7fHVqbXJ8dmtweWIyODMqICh8Zw1ncm57eGRnLGh6
Requested by: Host: denknowled.xyz
URL: https://denknowled.xyz/TkJkWmgvIAc3Vy9/BnwdPC5Zf1oIZ1YcDHx0BT4aNnsHaQZ+LxV0CyItET4OPC0KLkYgJxB/WggJNQwEGBFVEwEAKBcuChoXExcwFDMBDS4jIQkuBgM7PTE4CgQPHhA5GC0ZUA0nCQMxAwopf1oICScMAxQVVH9aDAsgOREqLDUxJjQYVgNaLXYpCQQ4JjxiAAE4VCsyDQMIFAEfZ1YcOA0XVxAwdiUvN1A9DA1iAR4rVG4LBikxPiAqLgY3KjYhNxMBHgExaCEkKlc5WiV1NGkMNCMzCF8oCiJiMikuVzlaJSstMBB9IDwYXAsFNigyGgwPPjAMNQENISkJN3c9IAweA1AAOyVtJhY6Ch4/KjsGNBx6GCMIGhQVKW8jHXJQEFsqOCM0KnsbDWofHitRaQt8KR0WAgszKjQQOxssH14eFg9jJAo6Ez86HHc9Ehx5JCwMGSwaLmIMIzYTPz8HOyseJT8LJzJQFDVVNAsjd1M/LxwsKB0AeGQOKQcgMlkAPwUjEg1ZehsN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: 4dbf0cbfc7c5f0ac335b2cc3cc19fc52804c13c73176ad47745cc1cdcd109422

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://denknowled.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 349
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: IxgHqebob6XspGlde2MoKc7727xL-0xrcI96k79uF_38KyilfGEHOA==

GET
H3 200 popunder.gif
dinterperson.xyz/ 35 B
618 B 214ms
111ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/popunder.gif
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 18:07:45 GMT
server: cloudflare
age: 531571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buSmZRiHCee9mQqWHPW8NutjKl%2F1AL0b4fQ4RMHSBSPeEsGZVcnyDNc8uSUKZ5SIJ%2FMKBPK5OnwOtc7c4kKyUJAGbDJeM8Q%2BdmkveKACg%2Fn1ALfxSzBcTXqj%2FGznq8gfwLRR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7121f2b29e329714-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 NiQzE2pofT8TLDEicVN9ai4wBCA3KH1ECWJ0dkZhbn5gT2Ftf31EfyksPhc9M2hqMHppenZFeXw4ZUc Show response
d26adrx9c3n0mq.cloudfront.net/zdk9aTVgVIDQrZwImPnBgT3lrdGBQJSkiNgZyDhwUOw1vHi0VGjc4fgI1PnBoUCM7Iz9LaT8jO0t+fCw8FHJuay0XcjciIh8jNix9RAlvY2hTfWplLx8hPiIvBWpofTYCamh9aUZhamhrNGpofS8fIWx5fUUNf39oDnluZH... Frame 8503 184 B
464 B 262ms
262ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/zdk9aTVgVIDQrZwImPnBgT3lrdGBQJSkiNgZyDhwUOw1vHi0VGjc4fgI1PnBoUCM7Iz9LaT8jO0t+fCw8FHJuay0XcjciIh8jNix9RAlvY2hTfWplLx8hPiIvBWpofTYCamh9aUZhamhrNGpofS8fIWx5fUUNf39oDnluZH1Efzs9KBoqLSg6HSYuaGowem-l6dkV5f39oXiQyOTUaamgOfUR/NiQzE2pofT8TLDEicVN9ai4wBCA3KH1ECWJ0dkZhbn5gT2Ftf31EfyksPhc9M2hqMHppenZFeXw4ZUc
Requested by: Host: denknowled.xyz
URL: https://denknowled.xyz/RlJLNkwnMChbcydvKRA5ND52E34Ad3lwKHRkKlI+PmsoBSJ2PzoYLyo9PlIqND0lQmIoNz8TfgAoL111JwYdURoPFhpEFjEbJmYiBDUfBSA0Ngx0HQwBIF8CIQgyciQxBwRBfTAaIgYaATgoAiohG3pmIgQ9HnUBcRsxDwAnBnNcA3YmbgQOIBE8DgoOGD5XNXYKKFwvLxsjDiYIOzMPHgc+PW9+LgYtYTwqHjMOJBY7AkAOESIkUBgfESpbJH8zHmwkJz8jRAIBIiRQH340AmE0czQeYwIgYXJZCCg+PmwEdxctTD9/GQlZPQoBLAAEFQs+VwspJS5bYSpkL10aczR4DyMeOxpPAxIHKlchIR0tYx5jYA14JRcoDgQ8KTQfDhgKFg5fLxAcclclciUJdQ11GQMHCQUFAQYoLQgjVCJzNR8ECjI0eAcJICsgRRwuMXJ7fi4jBn48NjclbAojCjwCFhMxbVw/KTw7CxgXHgZ0eRUnKGMhMw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: 9cae783d3eb4b7582a2064366260d3d31adabed44a32a4f2150cfabf368ddb95

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://denknowled.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 186
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: TcpzmZOCy0GI3cRxFRiWwXPXFRsiq7aCyFhMvKQrFKvrZyKxLpzwVA==

GET
H2 200 Q2FYL2xFdBNbfV5hWV-0oBzQHCD4SJgAEPVJ2LVh6QGpYW2xFdEMGIQMpB0h7NGFZXSUeLw5Ie0cjDg4iGG1OX3kULBkCJBJhWStxTmpbQ31EfFJDfkVhWV06FiIKHyBSdi1YekBqWFtvAnla Show response
d26adrx9c3n0mq.cloudfront.net/0RGttSXcnBAMvSDACCXRPfFJaf0FiAR4mGTRWJAEkdB0OByQeUhcrUTARCXRHYgcMJxB5TQgnFHlaSygTJlZZbwM0BAZ0AygRHiIWJwcXJlExClAkGD4CASUWYVkrfFl0Tl95XzMCAy0YMxhIe0cqH0h7R3VbQ3lSdylIe0... Frame C666 856 B
895 B 268ms
267ms Script
text/plain 13.224.194.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/0RGttSXcnBAMvSDACCXRPfFJaf0FiAR4mGTRWJAEkdB0OByQeUhcrUTARCXRHYgcMJxB5TQgnFHlaSygTJlZZbwM0BAZ0AygRHiIWJwcXJlExClAkGD4CASUWYVkrfFl0Tl95XzMCAy0YMxhIe0cqH0h7R3VbQ3lSdylIe0czAgN/Q2FYL2xFdBNbfV5hWV-0oBzQHCD4SJgAEPVJ2LVh6QGpYW2xFdEMGIQMpB0h7NGFZXSUeLw5Ie0cjDg4iGG1OX3kULBkCJBJhWStxTmpbQ31EfFJDfkVhWV06FiIKHyBSdi1YekBqWFtvAnla
Requested by: Host: denknowled.xyz
URL: https://denknowled.xyz/aXZ3bDYIFBQBCQhLFUpDGxpKSQQvU0UqUltAFghEEU8UX1hZGwZCVQUZAghQGxkZGBgHEwNJBC9GJStCHSUvD1grNzoaZS03NC9uOyYRKnwIEEcqXygkQwFxPSQgJncsHRMuBiY0Dj1TPB4UHmM9NyUvbjs+LgtVJDwPLgM9JxACcCEaFj9PDiI9AGwzFAAhBis3LVx3EBElJF8gIT0bVTE8GylOKho2B3EtQjQtZTwhLjpdGxAxAAY9Gk5ZbhM7NC1PWS86FF4gE0cPRyFGH1tkWiAVPQUFJRMVWiATRw9MKBE5SQQvJ0UqbyVEDypSKzgVCmBcHiA6G1kZNRZnITUzWGUjETYpZj88RSBgAUAmK0YwIUUUcA0zOit/ODsHLgYBQTkrcDMuJDlTJQFCJVNZFR0oUV0fMCsHJi5EB2MlNBwvfCs8HztlHQ4jAUYLJ0Rdcw8wPShQAiAfO2BZQDEFfyI+Di5lDR9GNVMCNAY7cB0ANgJaCFAdH1kHBkolfjpGAQ94OixOFlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-94.fra2.r.cloudfront.net
Software: /
Resource Hash: f1919246ee01ade237da0ee25fe4ef794d0b446f71330b3b5119286b249c59eb

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://denknowled.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 619
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: tXN0l6_Wl90TCdImqEJiLFATbHKCSPjMt9UiV5KAMNo9kTQGvfOteg==

POST
H3 204 a2d2dFJEWBUHbwkwO0E2Bl4TIyUtJiEiJj0jIyIzMwsZOQMtPlAAOw9aTkxqWF5PUiICA0tHYE0UAhUmHhRLRmJbUFAdPA0IS0Z0HVpGWmpFX1hGdB5aR0BmXVZAQGFdUEdAZlpRRVImGwYRSWNNFwIAPlZWQEFhXV9ORGFSUEBD
dinterperson.xyz/ 0
462 B 199ms
198ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dinterperson.xyz/a2d2dFJEWBUHbwkwO0E2Bl4TIyUtJiEiJj0jIyIzMwsZOQMtPlAAOw9aTkxqWF5PUiICA0tHYE0UAhUmHhRLRmJbUFAdPA0IS0Z0HVpGWmpFX1hGdB5aR0BmXVZAQGFdUEdAZlpRRVImGwYRSWNNFwIAPlZWQEFhXV9ORGFSUEBD
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo3%2FG2y3hTwQbkKtuP%2BbxbAdccV09UwyaZ16sXBYsD4FJk54Ih5n1NjxLAeNJvWkjQu2IoXn7pLX3Kblk0%2F5hFlVDJyVKEzNKVudG47qvebBoNukj30eXukct%2B9rNbyS1d%2Bk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7121f2b36fcf9714-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 floater
denknowled.xyz/ 2 KB
2 KB 326ms
326ms XHR
text/plain 13.224.198.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://denknowled.xyz/floater?cs=cFJTRWdDamtzUUZkZ3ZSQ2tmc14&abt=0&red=1&sm=83&k=download%20differences%20between%20offline%20casino%20gamesgyola%20online&v=0.8.8.2&sts=0&prn=0&emb=0&tid=888399&u=1446164367144163&agec=1653688035&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=182.4817518248175&ref=https%3A%2F%2Fwww.file-upload.com%2F0z5hcow6htdc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td11_oi1_&_W7ms=1653688039770&crc=1
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-65.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:16 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1136
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: EKL2VYUeAm1cSumc9ILnFWa2p_PHB_eWtzkdrkvYZ6Xs1-AfGthRBw==

GET
H2 200 Primary Request / Show response
mobilesafe.shop/file.php/ 19 KB
6 KB 743ms
248ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ec0617e540cf7cfbbdde7d51ff5119156ad3d2a8c26dbca5f8b4fc3c9fc15dd2

Request headers

Referer: https://www.file-upload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

content-encoding: br
content-length: 6011
content-type: text/html; charset=UTF-8
date: Fri, 27 May 2022 21:47:17 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK atrk.js
certify-js.alexametrics.com/ 4 KB
2 KB 346ms
110ms Script
application/javascript 13.224.198.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-13.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6696497
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 6yPXIIpbTvanTP7WYpUn3ekIWBrH9qXk-98PUbsRifJdUVFlUjWoWQ==

GET
H2 200 ga.js
ssl.google-analytics.com/ 45 KB
17 KB 326ms
104ms Script
text/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1380
date: Fri, 27 May 2022 21:24:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 27 May 2022 23:24:17 GMT

GET
H2 200 sdk.js
connect.facebook.net/en_US/ 3 KB
2 KB 329ms
104ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tqGEnbeh3+hii1bQkdqRIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 27 May 2022 21:59:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Roo15kQROf3qQS0O+5f4tmXZOj3LQkR/cNxKutHyKt913G3XEHPLx+WEKEomt7ySqpRbeAWaHmM1Uc8c1PQHrQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: daa72669a4b958668975502395a242f9
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 27 May 2022 21:47:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "433c499d55033e9bc822869f3c9dca4c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET sdk.js
connect.facebook.net/en_US/ 0
0

GET atrk.gif
certify.alexametrics.com/ 0
0

GET x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
0

GET __utm.gif
ssl.google-analytics.com/r/ 0
0

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 404ms
179ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49fc56edee7bd58fb633b32bcfe0e2b49116d0c058c9d8ab514d50193ad5a8b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3HNMMQ33FJHYNPF6675DF0K
date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 188
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"494845b5e1573e696774a390a39e22e4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7121f2ba88349788-AMS
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==>; rel=preload; as=script

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 349ms
116ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cdf524ef16dea36e3df28439715729c1f2d8ffa65553a3ffb183ac9769143a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39617
x-xss-protection: 0
last-modified: Fri, 27 May 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 May 2022 21:47:17 GMT

GET
H3 200 app.css
www.file-upload.com/mngez/css/ 247 KB
42 KB 113ms
112ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/css/app.css?v=1
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711141
cf-polished: origSize=253169
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 May 2019 07:43:34 GMT
server: cloudflare
etag: W/"3dcf1-5885b7da20d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bN0fqWcGJPdFnFjowX6ul6FU9x101n%2BTXiU7UDg2oG04SP8NCDxERIPIHNKLpQRbnBkhI0nvtNXlOtnZeFUkaAo6VRHUJMg%2BG0CLnpj%2BjneG6X2opGC7evnRmL4uj%2BHi8ZeT1xX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 20 May 2022 16:14:56 GMT
cache-control: public, max-age=31536000
cf-ray: 7121f2b92b4d9799-AMS
cf-bgj: minify

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 292 KB
83 KB 105ms
104ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

3674a25aceac2bbf4b658d32fd95afa91939e44a5e009d3589a971f3b6b104a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BBzJravy6mW/mlvhawCDRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85302
x-fb-rlafr: 0
x-fb-debug: RbToPivshcJVPeQaT470y45LBjwyRVH8pKitHzMAeuRjuZcbvdPn0z/+i8QQSE/I7chQw6aOYg3oqqboz/krqg==
x-fb-content-md5: 9ae0878a306b8d1e516d8d50aa54212f
x-frame-options: DENY
date: Fri, 27 May 2022 21:47:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3579525fca1409e568c69d9ae8f2f9e6"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 May 2023 02:50:36 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 215ms
107ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

fc1d10d0fc2760f6ae4a5947fe2a8ee0b86efa9c633d60ac26c74730af710780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tqGEnbeh3+hii1bQkdqRIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 27 May 2022 21:59:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Roo15kQROf3qQS0O+5f4tmXZOj3LQkR/cNxKutHyKt913G3XEHPLx+WEKEomt7ySqpRbeAWaHmM1Uc8c1PQHrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: daa72669a4b958668975502395a242f9
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 21:47:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "433c499d55033e9bc822869f3c9dca4c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 106ms
104ms Script
text/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1380
date: Fri, 27 May 2022 21:24:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 27 May 2022 23:24:17 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 110ms
108ms Script
application/javascript 13.224.198.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-13.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6696497
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: A_2bfJWvbzYgBDDVfx3C3mB_UfQntX83syLaR798Ze1VGLyz2dxyRQ==

GET
H3 200 app.js Show response
www.file-upload.com/mngez/js/ 235 KB
80 KB 121ms
120ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/js/app.js?v=20
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29984915
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jan 2021 00:19:59 GMT
server: cloudflare
etag: W/"6010b1af-3aa0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ratKCZZPWGkdQU5NgReZgge4hldTKGB3KJn2twuakgdEjCFL0ksrZAgJtmnsqxQevFmDf5KuDBT5q%2B0QOkCZejEIjsLNpdFOs8wvLvVWqB1OWg5hJkPdJKupwIwWpmGB4oIjnghK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7121f2b93b5c9799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo_new.png
www.file-upload.com/assets/images/ 3 KB
4 KB 113ms
111ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/logo_new.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441427
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"5be576df-c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=501ya%2BmgxdMOI3ezscrqgF5bpmG%2B202JTAZY%2BVXEP1QeQNHFN7g1xTHlBNgvg6nDNfZ7t20qU%2FFi1LghnXxpMBEJ8mLizoxvpaA0YP3UIqyNRbXWoIGrYwOnHQA4I0z2C%2B3D59jF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2badf049799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 anti1.png
www.file-upload.com/mngez/images/ 19 KB
19 KB 116ms
114ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti1.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10423352
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
server: cloudflare
etag: W/"4aae-57e1cfcdbca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pl7D4ZxaMWvKhcua3TLl7mNiGMbXYRbqt4PTUauppHrrgQQ9hNHlxGfUtN5xikLi3B9iwFEIBgoOfXn2gRa9UAFGqdU%2BNLiKVtJPhMpwcHk3QsEW0PysvGpcL3KhXjTV9UPDifp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7121f2badf0b9799-AMS
expires: Thu, 03 Feb 2022 06:24:45 GMT

GET
H3 200 anti2.png
www.file-upload.com/mngez/images/ 641 B
1 KB 113ms
112ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/anti2.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441427
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 641
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
server: cloudflare
etag: "5c26aa0b-281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOMxXX6pYqnoj9XvK6JnnOQBWIMym6vftPmZWckbxgwJH2v%2BXIPr3kJwzoI89PxLGqY5WZ8SVSt7ejv90OwKv5bvO9jb1xqasy%2Fej5liPvS308YFKmWxaFZBFUtUDyTWxUI6WAz7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7121f2badf0d9799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 99ms
97ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "0abbdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535
expires: Sun, 26 Jun 2022 21:46:55 GMT

GET
H3 200 norton.png
www.file-upload.com/assets/images/ 5 KB
5 KB 117ms
116ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/assets/images/norton.png
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/0z5hcow6htdc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441427
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
server: cloudflare
etag: W/"5be576df-1363"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Maqwi0wJHKbNe%2BHkFC76G4FgI0oTy8AiXkuRUel5z3kRmuGqmgnK7IEa7D2vNlpEeHp5WfUo911e7SG2jHj9RRFmXWdtAdZhvuFiOOWnF8fkrD069fzKO6BQN9R3L%2FRLYFw7WOIP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2badf109799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 111ms
110ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=48814f395ccdcfb1dadbd527ba2dcf20

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

9504f884efd19e67d926df48df35ddb6256133eb76c6bf14c0c073e550a7c83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobilesafe.shop/
Origin: https://mobilesafe.shop
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gW5OWVRjPf+83l8iQoC3WA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 27 May 2023 20:37:05 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84260
x-fb-rlafr: 0
x-fb-debug: 6ko8CKEmH07GefWZC1dMzYW/4Se14vGCL6aGFFUKoH3jb7fr2LPnkcfY89IJybjewc8fR/x/eHZzogN8hMAX1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4522feae00f062e018c7abb5339a90d7
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 21:47:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b332cd1f2dfab5c51495b63c4ef93b6d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 flags.png
www.file-upload.com/mngez/images/ 15 KB
15 KB 117ms
117ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33441427
cf-bgj: csam-hash
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"5be57753-3aae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og%2FxADFdocFYi6%2BXFrMbZq7YNFER%2FhzFzgS7Jnlz0IVrrFmsJZ3MrD22%2BG1lOspkvDB3q0E0nrJNppWQmUeQXgGOyqhZHkTtX4CTQV%2F4QREH4fsxGzQKgvOzaBhyI4f20d6zWKUS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7121f2baef3d9799-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/ 0
0

GET
H3 200 impl.v15.0.0.js Show response
live.demand.supply/ 77 KB
25 KB 233ms
116ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 638678
cf-polished: origSize=79512
cf-ray: 7121f2bc6f6a978b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 bW9iaWxlc2FmZS5zaG9wLw== Show response
live.demand.supply/p4/v14-3-0/ 2 KB
1006 B 336ms
219ms Script
text/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==
Requested by: Host: mobilesafe.shop
URL: https://mobilesafe.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536bb4532d0c6d58ba8a1e52828c2f9553fcb40024626c44d73d08cece2e6aff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7121f2bc6f70978b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
400 B 221ms
105ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=406&cs=c&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:17 GMT
cf-cache-status: HIT
age: 104463
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2bc6fce0121-AMS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 356ms
133ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

42f20329844d04226ac3a88758a9df700bc60b48655d3d3b0a43c003db378083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56109
x-xss-protection: 0
server: cafe
etag: 15153817483191866099
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 May 2022 21:47:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 353ms
119ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ae19d95522e7cca3a9177e0fb1b7934d3d8c2c209620eb943432834ac2f7d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28163
x-xss-protection: 0
server: sffe
etag: "1228 / 221 of 1000 / last-modified: 1653649602"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 May 2022 21:47:17 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
469 B 222ms
108ms XHR
text/html 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G40M30TYSE2AH66KGEGZ5QPP
date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 104463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7121f2bc6fcc0121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 163ms
162ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104543
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28a0-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQLqSuq%2BdP1mFHTiPVwspX4EBnj%2BkWLdi5DbNG60tTTowCIngbmsPuV4Bhwpj3yP8leQBWOckEqwR1%2F%2FRi7S47C%2BQMLpkFJv5Q9pGWkkfGpUtqvyQ9Ub7u4yB200R7CjbLqYiDa7"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7121f2bc7fdc9773-AMS

GET
H3 200 fontawesome-webfont.woff
www.file-upload.com/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 163ms
162ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104543
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"17ee8-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTEuPXGdUig%2BYp7%2BiqxddgGHZUYSNCgLpktnGu%2FRje1ol%2BQYNt6a8ZHvW%2F%2BTxzNRondrbaeNMeGA1EHU2rQOEWyREdyQEnkLYZmh%2BG1X0S9hmEQte%2BUgHeGbjNvvMUsRBcu3GfXz"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7121f2bc7fdf9773-AMS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 346ms
105ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126662314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5290
date: Fri, 27 May 2022 20:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 27 May 2022 22:19:08 GMT

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.com/mngez/fonts/ 10 KB
11 KB 110ms
110ms Font
application/font-woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.com/mngez/css/app.css?v=1
Origin: https://mobilesafe.shop
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104544
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 12:02:27 GMT
server: cloudflare
etag: W/"28b4-57a3a1ffe3ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBEylODJCMJkd8u8hWuI3XaEBuYdrNFE94rqtRlbvq9dO2qmdnTQVRBX3W3%2B3qhFe9jn727%2B8DoDUT80gcmKsbxL21kBQ7itwtZ39JriqQojUqMvbPWGf6rqgYWIz%2FeY1VdTVYsN"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7121f2bd8a4e9773-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
363 B 111ms
110ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3RM2K0M5B9CQWKE2FDTDA8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2bdfa1b0121-AMS

GET
H3 200 mobilesafe.shop_auto_interstitial_desktop Show response
live.demand.supply/cpi/ 25 B
252 B 242ms
241ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cpi/mobilesafe.shop_auto_interstitial_desktop?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6bf537809c62dc4ea509ad18f90ca12ea69c61a663d9e5bf475f1605067fb3

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7121f2be0a2f0121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 110ms
109ms Stylesheet
text/css 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01FYNHR9AV6B50KEQQBHX0GPK5
date: Fri, 27 May 2022 21:47:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 996929
etag: W/"ec00ccc2678f0bda8ad9a0a421a8790a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7121f2be0b48978b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobilesafe.shop_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
256 B 485ms
484ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb99b71c799707bad6162b4cf07ae0246fdb67b80ce0d175da13457fa0d154e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7121f2be0a380121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 mobilesafe.shop_fluid_sq_square Show response
live.demand.supply/cp/ 28 B
255 B 557ms
555ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_square?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e207b1c9591e53b46e0f95cbfcd6b63a7128e125682ea4177e13e46b5294c956

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7121f2be1a420121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28

GET
H3 200 mobilesafe.shop_fluid_sq_sq Show response
live.demand.supply/cp/ 29 B
256 B 483ms
478ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb99b71c799707bad6162b4cf07ae0246fdb67b80ce0d175da13457fa0d154e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7121f2be1a460121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 mobilesafe.shop_fluid_sq_sq Show response
live.demand.supply/cp/ 29 B
256 B 556ms
554ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb99b71c799707bad6162b4cf07ae0246fdb67b80ce0d175da13457fa0d154e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7121f2be1a490121-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 pubads_impl_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 320ms
106ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126668
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 May 2023 21:32:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
121 B 332ms
116ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Fri, 27 May 2022 21:47:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 002D 10 KB
5 KB 334ms
104ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

age: 1254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:26:24 GMT
etag: 1327746537699501093
expires: Fri, 10 Jun 2022 21:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 326ms
112ms XHR
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2001627615&t=pageview&_s=1&dl=https%3A%2F%2Fmobilesafe.shop%2F&dr=https%3A%2F%2Fwww.file-upload.com%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1644139409&gjid=277637900&cid=1305499913.1653688042&tid=UA-126662314-1&_gid=1434034108.1653688042&_r=1&gtm=2ou5p1&z=1321976734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobilesafe.shop/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 107ms
107ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_interstitial_desktop&pdc=5.198888778686523&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2bf8ca30121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 108ms
107ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_728x90_sticky_display_bottom&pdc=-0.007025446742773056&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c11eeb0121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 110ms
110ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_sq&pdc=-0.007025446742773056&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c12ef80121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
363 B 107ms
106ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=mobilesafe.shop_fluid_sq_sq&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3RM2K0M5B9CQWKE2FDTDA8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c12efa0121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 106ms
106ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_square&pdc=-0.04917812719941139&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c1afae0121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 106ms
106ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_sq&pdc=-0.007025446742773056&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c1bfb20121-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
363 B 107ms
106ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=mobilesafe.shop_fluid_sq_sq&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3RM2K0M5B9CQWKE2FDTDA8J
date: Fri, 27 May 2022 21:47:18 GMT
cf-cache-status: HIT
age: 104464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c1bfb50121-AMS

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 333ms
115ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobilesafe.shop

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 348ms
348ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512753692566401&correlator=4209613791065221&eid=31061165&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cd601fffa-3eb6-476a-be34-4efbe15fbf8a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=683461381&sfv=1-0-38&ecs=20220527&ists=1&fas=8&fsapi=false&prev_scp=ti%3D76014bc1-23ee-49fd-91c9-aca2adbc67fa%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D94&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653688042223&lmt=1653688042&dlt=1653688040688&idt=1488&biw=1600&bih=1200&ucis=1&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1305499913.1653688042&ga_sid=1653688042&ga_hid=2001627615&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

91ef8b3ffe285a49b1face6334b421f57a27a56feb2ebbfd5727b4b5374816a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 400ms
399ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512753692566401&correlator=3656467279364415&eid=31061165&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cf152fd0a-aa6a-4efa-8db4-3b15697ae52b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3551285455&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=ti%3D76014bc1-23ee-49fd-91c9-aca2adbc67fa%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D94&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653688042228&lmt=1653688042&dlt=1653688040688&idt=1488&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1305499913.1653688042&ga_sid=1653688042&ga_hid=2001627615&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

37937eba2e884b89c3834d9b1dcc04149af224536cef0fa99bfc1670b395ee78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8182
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 375ms
375ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512753692566401&correlator=2011265712543732&eid=31061165&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cecc5ff8d-fb57-40bd-ae7c-b9ab38ef0b20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x280&ifi=3&adks=2032064449&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=ti%3D76014bc1-23ee-49fd-91c9-aca2adbc67fa%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D94&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653688042233&lmt=1653688042&dlt=1653688040688&idt=1488&biw=1600&bih=1200&adxs=245&adys=671&ucis=3&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=555x296&msz=555x296&fws=0&ohw=0&ga_vid=1305499913.1653688042&ga_sid=1653688042&ga_hid=2001627615&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fda5ddc616f50bd628e64124995b717da801228c7508fbb7cd6ce653bbf3564a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8683
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 414ms
413ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512753692566401&correlator=3926739555701397&eid=31061165&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cecc5ff8d-fb57-40bd-ae7c-b9ab38ef0b20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x280&ifi=4&adks=4103863149&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=ti%3D76014bc1-23ee-49fd-91c9-aca2adbc67fa%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D94&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653688042236&lmt=1653688042&dlt=1653688040688&idt=1488&biw=1600&bih=1200&adxs=800&adys=671&ucis=4&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=555x296&msz=555x296&fws=0&ohw=0&ga_vid=1305499913.1653688042&ga_sid=1653688042&ga_hid=2001627615&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4a3608db38e76aa284d305e7d9022b02b38c765d1436a9d9f969b67c84f55a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 350ms
350ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512753692566401&correlator=2589377394560019&eid=31061165&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C41035550-e6ce-4a9a-affa-92417da35c2f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=3637477135&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=ti%3D76014bc1-23ee-49fd-91c9-aca2adbc67fa%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D94&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653688042238&lmt=1653688042&dlt=1653688040688&idt=1488&biw=1600&bih=1200&adxs=245&adys=231&ucis=5&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1305499913.1653688042&ga_sid=1653688042&ga_hid=2001627615&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

c0822d781c63fd92e91a093e369bcfa60e92e8641c84c941f9762fdf1b1d36aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8680
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobilesafe.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21D1 6 KB
4 KB 376ms
113ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 104ms
103ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 May 2022 15:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 May 2023 15:14:35 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 41 KB
12 KB 435ms
215ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:24:45 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11458
x-request-id: 195133734

GET
H3 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D3F0 6 KB
3 KB 341ms
127ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 107ms
107ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.11&b=1&r=mobilesafe.shop_auto_interstitial_desktop&sy=fa8437d1-acda-4a23-a733-23f1f1e6341e&ts=94&cd=2&pud=406&pus=c&pue=1165&pid=336&pis=c&pie=1502&ppd=339&pps=a&ppe=1504&pad=515&pas=c&pae=1684&pcl=1051&ttc=1535&tti=2701&ttif=0&lca=1504&lcak=ppe&lct=1684&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=76014bc1-23ee-49fd-91c9-aca2adbc67fa&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:19 GMT
cf-cache-status: HIT
age: 104465
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c54cf90121-AMS

GET
H3 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 372C 6 KB
3 KB 329ms
132ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 105ms
105ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_square&sy=fa8437d1-acda-4a23-a733-23f1f1e6341e&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=76014bc1-23ee-49fd-91c9-aca2adbc67fa&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:19 GMT
cf-cache-status: HIT
age: 104465
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c55d1d0121-AMS

GET
H3 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85F1 6 KB
3 KB 303ms
119ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 113ms
112ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_sq&sy=fa8437d1-acda-4a23-a733-23f1f1e6341e&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=550x280&mlbw=4g&mlcs=NaN&mltp=76014bc1-23ee-49fd-91c9-aca2adbc67fa&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:19 GMT
cf-cache-status: HIT
age: 104465
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c57d3d0121-AMS

GET
H3 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09E9 6 KB
3 KB 275ms
107ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 113ms
113ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_auto_728x90_sticky_display_bottom&sy=fa8437d1-acda-4a23-a733-23f1f1e6341e&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=76014bc1-23ee-49fd-91c9-aca2adbc67fa&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:19 GMT
cf-cache-status: HIT
age: 104465
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c58d740121-AMS

GET
H3 200 container.html Show response
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8828 6 KB
3 KB 272ms
114ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Sat, 27 May 2023 21:47:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 107ms
107ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_sq&sy=fa8437d1-acda-4a23-a733-23f1f1e6341e&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=550x280&mlbw=4g&mlcs=NaN&mltp=76014bc1-23ee-49fd-91c9-aca2adbc67fa&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01G3Z8QB9PPTWAKFKFENA5YN8J
date: Fri, 27 May 2022 21:47:19 GMT
cf-cache-status: HIT
age: 104465
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7121f2c59da20121-AMS

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 75B9 624 B
300 B 391ms
169ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNXnZroBY-EXejThXWFzRRMrJuYu2p86Rd35VOeIdo-Qlpuja7jc9rVEisOUPADnY480tFnp7UhCpO6MPD1d2Hwwc-aP0fLVKinWFn-ToowPduJmh3UCtffHwuRBKTvLrohQJJBdNgKfGO1IX0ENB-zuDeNVNWpw-d_LRbWDch6gj23oZX61ebmRVALnORamc9k7bnvjR35UBqKc8DdcCRTgELE2sA

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Fri, 27 May 2022 21:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 09E9 60 KB
28 KB 475ms
259ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfKttZp9YI1EV84JF8n_QdiLWss2u2CwWqu3gXPhdokdjkUvPrKbVmNi-U1QmHW9p1MlCF1bx52TMNaUcZmTIlLRs0tQ&cry=1&dbm_d=AKAmf-DKu19Oh3GBTLwl5SyU4NEhC9pasuOLcUhWjblh14t_VQB6H66PPs2k2affvZrtp5BZbfjNBXz1STAaGsb5QkvclaL1_GJ-UiKvQ9VYAmKlCaXehLz_CjxeAX9JJy6El0EmKqJ3vE7p_w50Zwiz10-Bz0Kc9bVIJ7eX2i9pRyOCmMlJYTG2H9ODurBYgiBT5K2cQ8nRBnqILslXvR16HwhMj_pCsl3FjXTCKxzGfQqKkdVAM0Hyv70V3e_wGvObAePoTQRMYhXCeYy7DsU0NJs86QFXIXIb9fQMYYBwekKHya8SpKNdFMtns0Zl22T93tv7Ayk9roy79e-Xfz8j9lXaHV8am5O-iiAQyvm1izDRc0sD4hHuliHl9N17m1owoaksmHf-FncffogzHKoolIMpr7k--oODPMncJEQV7VrKFpCsu5avo_6Mx3OfvjdUz7t0wYf5TUBhgd9UaPjRojsXTEIeCB5s-3ui6DkT07daZTJFLR3hmmwGArJprDiOfFJ-2wHpDGGJibqsuzr2-pNwTbBjYSpgDc6ha5Fkzk1UKqxxpEccIEPy0KpGoVmVLwSxh0Mged-dZ89i4T7y395lIE9Gb7aOm2MPMsEYppoJPp9yEjuB3kjsSDeSRy3zOiiAhFCyHkEdIIDIa-vjcDg848YHSZI7J3eEIxgWKyvlwgzN2ffWsNzSwQxvIs1A53UPsm_JstfsahjkuacZ59EF1KjdEw-tc7qMO0tt1mvW8_g4F6RoKXB3K5Zg_Gto6-FgompnkAuVQqRLZigpBosC5t8au7veo75wp18JQj8NR2vin2RCHrEldOdvH08ZEN81gsT2d3dgk5fC-Dg3-bkZ7D0Xi_UcnAu5HIbeh-hAWAdugREc4N_CYg0sTg-9CS78yFfSWr_jcioWE3RiQi3JR7HnN1yXUEbVSq-_0oj7f3ATJcJI7O7OxOl6GcN2bB0A28x64urH26wkRNklfXS_CNQVqGMH9Nu_lXNCrz7GImcG9QU_jCJd3iVajJ4UcpbWUYi4hQYS-xguCsmagloNkhPIt20WZPBYMFUsorSX52oNs46icyBWLM2O6kI6peZ3KWZNvexV3JPXq5RpJ5Iozsvi18pxDiU4jiEOw00y2vH1l2AZNOO7jqybcOP7QRzioVel0k6qR9y6fuS_Y-IIBl9B17cfOiI1czNNY5afSeg3m3tl2oMJ4Tmb6KRLvrSCRCDfGmcZQ97wu1tvMj_41nnU6DznSCGg2oHqZah7AmY-ZywFLSRmobjOthrvOn1GMxB_5Uyv7R-ztFcB_LGSA46LQxN-raWSj5redrKRVO1LL419_IOny8HNI9nGV4qHqn_r-PtDK4Pigvn2u59dHH1Jsx6vDVFl4uESUmQ66SzGSGNBeqAQiQREoc7uHppNsQRJRJ82bh_CNW5j8hi0ZpXaurr2Dqe8V5_vNepK2cMm4e5r-FgcVY5wg0zV91lASbtab4JqYrFRUqHrKzXc3vxasGu4Shu1wlO7dTFEda-ZODk0--evtQ36caVkysv0dk8NnXStNYgirlBm28-oo2vyqgom7EoTltMoHCFjV_1ji7uHEZgzMBms3GMzdyRrCWIHG3ebSzkD30UV8-XTGHNiJQx1MMusi1jmeJB4FGQ4D0vBtbntQ8cLOtTqZp_3d6kFkuSrvTm7Ia632E1jIVJMheVfw449KZl16kAG7uJzG2BgfjZ6QCJV2-VxFYFVgYHdsbSps6PJwSrf7lIbxjYo6iRZWy6H6GfF6LpXqokDvAE5X7xlcGdA2tzeHcbhBy31A3wQkXq9I7Js5dbSiszdsgbLuAuwfMVfGclspn6rNL5MFngj2_1_Dv_c-TidE4STdZ5EaPbBwE439RkGTdtxOVY8H8KOVhxiS_G4UHNNMKPqNVCt6mgN_7hUU5PpV2QgQyIJk9kbfU_z_MrW_gmJ8c94p5yLao19Pn82iinWLfS5deP1Dk6PZ2ds6qvIFXKqXcYN_zV3sn1S7ExEj1juCfBJStUGQPLfE52NLB4osSRFQJZvv9C9j2kPqz1Wl55lZh6oO9iC-nvt7HVvO85b7yIeG-rsc7KBh-_XRuzNNpmB2pgeF9f_5Y_lY_h_HK1s28dnLws0oyAn1LUXYOf7r2oamn1btMuQCoP-qIdE_KH9OrkbIRXiIVIWNMm_CBJNK_0heuGJXQF_MXhOMA37WsqjFc7RRwAFmMZHODA9TiabNf3Eaw5AuGWScQ6DtYqkiKec3HmPO-8VmD9dAgwC6apjpjBYxDmbuMxIvY96VfR99I_B3QUCtPvno4aYy66oty8CM0dGAu4ckmZVv_ppd6AisGfnII5tgGTwVplsKXTF_bvtleqrsh7hjWuUXuWdi6GT4_z6TSoOVhvDuiWyXtUogvxBHat5FAwbT3l15MxNs1tYwDNi16zeFcjoJ6xzKowiOTdiU4uOQ_CPe9uNohfwmY2gvh3nlYEjPljEb4mj6xAXRXEJH3Opu82GdUy28QeNw29zgg-xcb-qnzh_Qqr_B8uuE1dq6S_CKPZuybWtF6lDJGs03jhBT9oy8xIGP6iHgFYfVo22dkmNonOIIqOBBkxNlO8h8E1ZIP7W8Rq-R0X0QSbd_RFl_UwzJv_AmacgrqBTrbY-1BW_rmPup9mmiUVI5Q4wOJaxkJVR4wj4V1HQZD3GuE2uyxx-K4eXXhATYUCQsRAiZSe-YnVhapan1sjv9BjZVB-dODJ7nFLSW31Watd3gZ5989ydUFgwdt6dkCtjgD0UNIt9iyu-k-GvApB4wEtnBy2U8DUX4FdJ34Qqc2cDM_vv2W_OeTEDmGDQnRmthrslojxFNKIYubfvROvZE-pnmXsV8tSzDiW8ZNsv4CFNDtKEn7OqKFitBkhfrbqSyMxbYEJ7H1xmKUzHjASRmCRdYZc4JalYND7MtbW55MVs6d0c814mUCHhj03t6vdXXi4lz2cTkx2-SunisVDRGE2niN1RNzkP7Cg&cid=CAASJ-RoA00PD8IfYnWqKJWv9P46eqdE9YeIoRq8qYKfGU2WNcnj1uIFdw&rfl=1%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

eae88b6ebbbc4dc92d253bd4cf6b7f5b4329c66cf0b160592f35fe52b252a1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28724
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09E9 42 B
63 B 402ms
181ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIlsLRfJlKOdm5uPtbFzSD3mnbEFMTuc4nabBWX4fKi3KfqSklFbqusARpCZE9KLDsFBW5m_9NJKmP4Nuj5aiUi38sDcVAo9_cCE1fJ3paRYcjgzA

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 09E9 3 KB
1 KB 442ms
199ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09E9 136 KB
42 KB 378ms
135ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 09E9 17 KB
8 KB 360ms
118ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 09E9 0
0 367ms
123ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMaFwbDjp-nxOfGqVcUiNOQUfT5WxqH3kdIRVWII60mEckQh4ZbVCsukL1eZolTrAkQsT-4QlRwc8hAzVzRYdzyWscJQ
Requested by: Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 51C7 624 B
300 B 332ms
124ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXrOdASrjmV-VfOMXwkq6UYTLzBu9LFleBAc99ewTiolYvq_D-IYfiXX7pECtsa0Tub_4SxANsf9jyBVdF-WaTyjjDkozF2kj9pz7mGmxE4HRKxuU1rRwmRvMaTBKk-j4ZIUCnF2nTWrzA9WB9ADN8zWJ2CVO5f60wf78Vb9zoAI5MOzgJe0wZFG4D7nnD02pu4Z0QJqHxNhcZjwtJbZu2uMlf_gg

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Fri, 27 May 2022 21:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF17 60 KB
28 KB 420ms
220ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz3iJ_tsQLMxEk3K-lRnKB1RZFe0NGrwNvG6v1ffP5QOp6yAiAYi23VDrbVdfG96PCD7ixrexl6CBl8f2OZzAkxziKZA&cry=1&dbm_d=AKAmf-DdPCBuZOahyRTNVbcEbxCJZbOv_CWMPxuJtQ7wJZpIMxR6kUS2GS4FgtxZJDGbPITP8fTFQzPmAjVsbNmAA47k26pLqgHWWJpzudo5FcIrbefikDkBKIctjjFD1Xt_1-YjNVRQGR_r4tbqG1mo7q-YpseIZOIBlFawXyUy6Ck-UUgeo4dfw1lX_p_Wl3zpxeZN5gHMKsQYb_B6u6zNESDfhy8cYkfF6-ubxBKxlqe8cR7edpQ4wGSpkYgmTK2AZYVxW_PxcZZ19kMuimvdC33MqPKe42xdAg2BkUlrsSpWHVJQx1JZ-t5OGswPPsY5dCIwoe3L3gt8u67BLvbymcyUsExUr07ol-40OhgTkVlPBOsLGsanHq9IJ3Vjyw9dX4uvf7yXEgqnebYbiw4jczKTp42xOyoq5Qy01M0U3iF4rkUsYDzL4SuoFcYKN8CVi_hxq9bmnTOWEuhWk_CdFppw6NH7TXzB4wa-xktGwxjJVIXZKynZZtQLypheiDhBzGAjPSrlpx_4LzykrPNTmmBtow_kCWSo8Jaa5B9h1aMOUOtdf7t1uO4Cyl3Om7jFwybqYZ0VVZY24s0E8oTdG23bnvmbFH0RXJ1fqTccGKUVh4oQjDXbgMuRNSH6ZRnhGCSxEo9apQiNqQXVR2qlYDJJLmHnqGfNwh06AAGLa27AUqZCU-NvZNfJatJ31n8C_laZSGSWG1wUv5BHJCEI3yb1vFK-a4HRRp4W4A22wepqYxd9rOsUe6beFEuQCar2cyS7w1ARiDAoZYY_0qKAk9C7NZM1JrpWh4QJVJdpp5Vjg7YRY_xb_AwL9ouiue5YONtEOKXGl4nxj3rIkB2OZ5ja46qNaN2mz2Vn-luVy3qZG3lXJesDsfbJ523CpO4FSwZFS9wAzm3nPCdDe_44RJh19wTa0p7XD_fVBgCkg9-PPUMeyutL51H1IHdORVN9_LnEnJz-crfJshTRFsvUM3Q7xABfSEfBA-cEJWlZvLP-hFOrnkKe5KLXdGQZayXTdZO4EQARKhgLn_C89q1ZN76RZuQBLc9rKlxQ3DCy3-MhgJuMAiqGT_19Zre9nfAlNAmBPan9Z6v8CWYqmhu4yXpkiCNeUl3hXPLJtIDcGVDCUbB5WztIssSRtNpv4bEjSSOVhCusKr6T46y592e026-qlzk5FWc9xz7ZJKoVyLCh_xL7K0v2lWydEybddG5H6KH9c0TpSxeXzQoCFTfz-wDPZzLu6jFeWrQce5zoBLztKhFiG5WXsi7IGK5N5kVD0cL1_RZU24CoksArxKkGzDTKzkdYKi3ABWPBl7wNRcYpF7NluSADx9H9FabfHFtGz2GywsIfYRNGQFYRrE8OUCoS73Hi2uOgPu827nOsR114YPvCvt9_kBkoEzCtXbgdgUrUaZEUPMcdQ4Hat-Z649pP3Efb28ErNIprRGBcvcx8lVcL4XDKENJJcIHvsTaUCoNybTYzpq_zDfB4TKqUC8vJyES15s1Zu5Chj6f1UMCmlc0IOrTKuVDqOWidvqN84YWA3uuBJt0sUq5doqEJmIcaVKeX7Fj0SJSPR5YVIA-0yu4ILwnzXQi3xfV_EmkNKs8zG4JIAa-Iqbqrj_sTMWuqzxKzW2GHUEOJgGtwmF2r6ol4vTH-BEVrCZ9CKzeT_ieSSPR2aFOn5E9-V5wUWZT2EhrEBQordQcTVuv1Gx40OieQVBzq87Tcriyb_x-dIa04LjZPvQp-dmD3xTKpMvVNTk2m1U46Vfafwv3nqZMOheOTD14Q5EtOL326genZH94zNtcPqeugWZoVWdvm44HgGGylDp9Ms8FF42_x30UpiF8IbBCKo8z8OeC7Lao55pWOLbuxFAq4uoNBdhLssPppd3vS6pakfTVz7yUJvLu3O4AayGx7TLDRRpwlYVx3ViNY1Our_2e2yzZSNnNWtZhLZRLuDTaRRXB0MUJeQdhK75L6K-xIlwN9hIuiJ0yGu-AtEmcNFnkoK6PdxNewmerOsDAiTs_9e14Svvknt2hzXTkjri9FLMDqta7pqg1y8oWqhzst36YfWvtycBjUgXzCqWHrjtxYR4A8Z7htYEE53_xtK_AHe-FhEe9ZEMRhhwlh5DwMGGbei8CArNO7SjYOJ2gYn1EcxjhlOVNYV06p6IjVXKOX3_Nt7p0GVzmAFNKh9OmvV7FH_3P1OhqjO-I1WrDB3EaER8GAf7Nivc2FeI_JeK-Vbzm1DwVS9H0cYzkU10wLyEWtC7Vlu8T_6aYhfYTwI3SP_g9XNLizq5CWu09EBsG6NN7RxMDcyAqNHPRMC1ZS92eLhSS7hfrgBqBz3-WdZxkZdovagRSA6xESSybC9IuK_GCXgOpi7z4KSqe3rGILFB9dmON0xxszImj2ioUJcqzqK-6HTv41z-Yb14riCJlZa1N_6A22JsBMrKrZbO0mhCv3enIWYXrhtbi1VLgRp6x2VnhjbtDBZLBaSMXMMfS08VxQ92wouv86MAnFgkvRikiG3bZbE_fduzQSkn2ekTKI_vzbVc8jPvS7EHHtAIgbGxPGovpdQWUF8mVGKikdnLN3Qbq3k_Nu0m2U6R78vjaFhZIRuxuTf22JV9-icAMUaMrjzlh1lQFZxghqs0S1FLuUFvPvo1TbHl7FL895-DMaw1OT8MeQj4dgYISFMQyNYcq5v8wSfzk4Via0CXbDleiwVQyhY1qpWW4dZlnTqQRIctwmqS5b9gvdKnsmzokAMh5hF5zgrJXsPCgH_TzhSooRQcKfOXfgEiNMHf4v4RNHieNGYpGgNfyufhyjRGn7U-3gxk0DXdftzCl4Op24jwzta7l79U1zaSAA_3Ib0LrU8oN-hY9-UbJwe28VbhC5fNLO__75_aW5JS3-3L098TGiKHzx9SR1Xm-uSVstigge5ErngGcNRUVRY4f1atMEu61qCwQDckC8RSRkblN_orXuQy6kfamc1xdBH58eew&cid=CAASKORoJrshABNBL4OqC1vFz1v3g-kTOr8ShLg7WPPEZ6tOX_EXxMIkuus&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5f975afe5fb91a81a226324eb36cb46a645b82be843935e240a5d22fa2fbb8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame DF17 3 KB
1 KB 469ms
238ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 19:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 19:00:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF17 136 KB
42 KB 503ms
272ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame DF17 17 KB
7 KB 429ms
199ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

b0beaa956302a685c6eae5e9461b7aaf11003e16bed90483b096d7acf9add88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7270
x-xss-protection: 0
server: cafe
etag: 17832645109891401903
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:08:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF17 0
0 358ms
127ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDNBO-patNMLKgrxDe0GDBhdeR5N31f1biECUeEcCdns34ZIBQfG75lJBSfwK0ST040XCaSVk5kDSyCuUOB1lhLEdFcg
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF17 42 B
63 B 385ms
178ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdaCaejs0zT41nuRwEaGddNqNa2_S1n3ECBlHeLJeIyo2MRSzB7oclyv_vnZTKXyEbGsQZUvLaDwBb7k5GHlvoCOw7mD9rJooh0HEx2N687GZDKZM

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C1F 624 B
300 B 333ms
138ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXUVwWm6zFtBZU7Nfhla0U3RxGmNnFp2Q29yqdqbgP9vmDZiBR2t2JkcBWQs7ko6eEAD6Su_hUsIP6as4zNKszOyLfTKRr7_4OIsBF_qk4DpeVmmbK-4FdlJ6BySzFAIH-MK-l7OSMAflK0oyKBB5URx2cA7Uj6nFjrzDMTxJmS8w-K5Uc9KyuJ8XmUz_7EmZsx2uPaNZ514g57kIljIC6OAIlIRA

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Fri, 27 May 2022 21:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 13A9 60 KB
28 KB 370ms
183ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXeAje8uJ48siQEFANBI40UALysh2muyYfHF6KKAp6pRFFLJ11r6s-uhRCaFw6RChnb7DO4-NugEvOhO5Ye_xnyCPGCg&cry=1&dbm_d=AKAmf-Aw8cS53RMCKj8Ti284v-Ery7O0TJMQVfa_Su_c5Tnm9K_qLmhxluL_dGAkUWi4qRrnnrOgCNhWh1EnVOv2-GFpiqgkuwfk52dgfLNupduv-UNpYfUm1fFF4Zz1EqFV7nyS5HwKcq4OLPSLqKaQdfQnbnTZ2ugCreidB9kruH9RH25Uh3miWBEp55uQbLUQtdmWo-rdgiwTU-_QUSJf3iIoMYA98NW2k390PspxhW9Mu4WqyiAavX9EnssbPsomwgBBN7sna34aZvHJKan-MG5OT4-PiI2cClAXdYLwXPHiI6AYkuJiTJ1GkamIHOxmCYDclI4d5Ud4xv5qdI-UAgBKU-0_S0Q3bydBH4ZVsaPwSQ00RUyqRbFd6FLeVu-2GYJUo9qvRTnv7unGFQsjUxlDCdDCxEvTm0delNpDbPdrLDJDLKhSfF6stEgRB04UHwgVbukUsMyi4gNxPUIzydmCnFjrfMqIyJ5H4vKcqimUhhJ0N9djy137kwB3gAsfDzRFV5pH2oLxyuqgZMUk1jtqya1558S9NJ6jlzPdVK8sj9GqQYygoaTrfek8K3t5SDptuR9fjDvhq0VhwJdTKbyamgEs-I7PbsXaM5UPymagj29PKdZz8smR6sXcNaNP_yBhdhGIpAVhY1CgE2fL1lnwMYkTSqhiGmJiwukvhJ1i6zXcXBVFwYbuYj7VB8khSqgbG0J2dufZoqQypp9zAVONnzjcPCOzoKyYTVmGezW8BUrvQ2ly20cj5b9Jq5PMeNYYVJ_wzFdGTBC1rRyxFQIzwQfijtArU7-c0z05usl_4Y6ubbK8amGW21CrGGEZuS8lmmtCQc_OGNyQhm6xQHf7sAhL8WNVFN9s3cW4aNTpqTTPs86Jlb3f3MaUni_xwKJgBKx9M5bVteejNCw_Ui0KLiNsSDXtqcG8CCa47usYHSq6E4-4zeRKFuluu6_yr3MRJn5uKJ0zaDVBlz4ck6ltBully7Ggp96VLebcWQnytxgetvhCqQfd3KLVzXUWhZSHh5eZ4Lr7SSw9z9nPSjuI8bew5566ueQbObYrzWTqJKed_7X9B81ZPglRrZyZ1j2UNgKBIRkWXKaXibY0e_R0LSyA6952QDVjJ17ymamGCPmh-0-vpG1y8IZW1E3yW6VzdTRETdwySj0mamwoQkBXPvazWXXo-mXgcz0iU2TGedhnun-h4TZsa0Em-B3c0SDOzqX34tdhMiL185pi8kGtaxdQwfqRvYqbCAFeD0RM03Km83Z2MF-0ECqknDe4EHJk8khqGT_MfywCQmx9b6UnH5KYS_kgoRR0k7AAU3mRJAafyDIiafcCW4J050OEPMoEA7Q_rvdN4NBTyK6YLHF_SVq-JIsJcEfrFUUcyJBpXvvmXKbC4QavLi5Wnv7-fZCbavW8RsQGXErPEl52MOzLoOXerBRV806U_bdofwOlXedrYyLc864xjLaTtMnkkDEkkxzsvfwZkF_rNRMaO7vBz5rMXp7sBBzkK7vNNpn3yx0AcnKsXJtEdMyQkiSyrMORTgc_qfgGZnFLdkJhfdpnW5SlZCuPoIJdCWKIed0CUqdlPxIUjod6_Ypaznx4P4RhnEoIjITnOsHVVln7MdD_928HkyR66utbCFdpIEDZLrkOOUXfwyXWwyk3vNQkchAnXCV4PPLAOUfp5RRipfr0TPSU6X1K6wKcC6xw8v1MJ3r9a998x0xoORun4swhSb3eheEXNKemFKb6WRBlBZPGR7_ADaD5bCA80RlvphWWyq11bQkQ2qKv_yylTW3fgyDIUGVrc7vwHZvax2-8J6G9ncVa0dC-Xr3H5AWb0cI8zLSY07DmnEmvI0YKuKECk07iVRf_ryf9b0j5CU90NokPimhk7bA2jWaRET0oNRLvmuRoS4U25Y9wbfOe8lyhEHh5uOCO-BFjZozI9IuSvkBN8_9C1yJQ2QRYXrxwW9J3dkLgqdBi44m0OnB-1o987MKK4-urKspyJGByNcVy-PXohiixn8ylq6NBqV89uCVZLhOaRDRUmaF9tZcqAoO6eGsSE0-ygm9B_Lbm3gHgU1QbNtmuTgboFhynmEbMVr-BNvVwajeOZU-XU1AKJyQAJJyx7sCZMB8IS1chV139BiC5eWBexyInCVYjcFik1ifEAS4SPpDWDwUcvndR5VjahhRsmymrM4mhE3vqsuPKxvzsJoAYbV_Il3czZsw7DuUDWfxNx6obM25yJ6cPAucXDSBLwGp79IVdGaJ5UU4Xh5bj2xWqG14tbvuwEbHnvT2HcDvvS53xrVeQz7Q41ZZxdlbu9JQrBvmeohcLtGQLOEYsYVrJCH41ydmIEZX_Um01HK6vHFjwP62WSV61Ne8cZPeuxMVE1L3E2rjUGScQYYZbXBF_B8aPdm1JZBwhSThITTCSU6LssME-QJZ0nT1NEYNsF_rNE50SSyWGcfTctah-EhffQjuai7_YrMTV-CHn1HN7CJLEMwIGgnNAfNSeEw8_LF1k7RvY-9IupTSSvNM18cYoKr2qo7k_YWMNGIvfvHGpo6ybqiHtEJGUIIoST4R7veOZHGQNYLNmBrMqWNL6-QrfsYiswHzHXi5EwQMrt22A1ZiDLcCU3YIeDUhIpA_6BF6oxfzM5x6aoo5IwCmMND-hGT4LddMCxgT_hKmEIcNFCwvwDYcchwHi7bYAdRrUvSeOjZLLadnGIgPWivFfu9ovAs2upT_-UphRYfzyPofzF-blrVEB0ly9i_gVBKnw8-bwmQzs6gDCbS891YVYr3MW3GzUZmLvvBEiD5UQAitW15OxJw5rf-0VOkl-Rg7esyqilv0FYzWvIAXOLaaEaAG07L-i79iPOKbtwVtYfi66S0jhiQhXYLQAlK1qm9L1pj_3ROsVJcp0oE-_PVyeakB4rje3Wm6hWQL4speSKMMOXzt5GxXL-Br9t-YXgsg1F_rMEk87p0LamHtGapU9i_tDMQrSn4mFVdpadkTfQ-Uw8Lw&cid=CAASKORoKt-ToQEz93N0Jl1ulvbvUV7qTQMto5EpnZ1pQWRAF3X9s0BPSCs&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4fc649acdde3f000fdc39f0ba662ab1dd480f68ef49180e8b6498cd46b32ba93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 13A9 3 KB
1 KB 483ms
264ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13A9 136 KB
42 KB 570ms
351ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 13A9 17 KB
7 KB 359ms
141ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 13A9 0
0 352ms
133ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVYfHTmx_VY1CyESHax2bESZLVs8-FJErrhMt03ATPMzKZkKDfqlPK7O486AuE81XZBTOSZnXTZJTFpkcz3nPuXMUbXg
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13A9 42 B
63 B 374ms
179ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApeGOzQvVdILvQfZgrUEXaRgHrw8Fx7u5F3XUZgfVzjlsPghR1NioLgHsserdGiOcCzytDR-XatJkwjIHzQHU8zepf0PiKTchyC-3V6oE9nHG634s

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D3F0 4 KB
1 KB 356ms
128ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 21:40:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 21:47:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 67BB 624 B
300 B 327ms
148ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT2JhC56PjEAhiP0czCATAB&v=APEucNWjzOwim-hrgKYaftjEE2qOVp6uD3qL0tQzDnWm1ydphNzI3cPN0TGKuv4co--r_EEVfxwOWOr572hKzthqI2UnH6NjAmVzBrBP8aYYZZGY3SERjKU-cC1bR-THBnmkOfnm0czekimfwrslRqHICLh83UKNsUK4niAW95pOh9CU4sBebt8MgQcXesNjFb_Sw4_JoVQiSs6jmFoPJmsnqEQOc5BZWQ

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Fri, 27 May 2022 21:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F6D5 64 KB
31 KB 370ms
196ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAalKrX4fucaNBmlx1MOGuLFXyZ-Wju2reqHgsffYg0UM4NZxcN4GGh8zZiwKrsAik3nMaFCHPuvhfuLU8VJNLJtKQhznBuMQI7lQHwoMBTI7heVq0LKoxvIZH-1vLribkeLqlshMYH8G7sqinblH4bC3K1A&dbm_d=AKAmf-Bn8EMt-VSaZzix9MzdHqPsV76ujt3d7_Awpmnr7WdcK1vW-2Gt-VwQ8O70ZpDD9WX3Tj25_BN8Jz33WO6t7_hyxsRHkOdK3ZK7R6GlC91bB6ho-A-nWZrJ28JjEfBF0ORGz516i_7qtVV3VsNptgRlinou4IbKiBxurx4Qb_FWdNBWa8FyeWyE5ZXA2MQBZ5_ZQ1J2EUNQLXkwmUF5TbmXLBNXdfpcmVJXJ5BETY44m66KBC9rX92J-TqpM3cZA3U6X5S_3m7TQwGIhgOg68Pdp_4CgO9eZcBlBYMADh5LWjGXtXCdpEjr7qHCxmeAPILXi4LT0uc0ea-Gn7E7iJjGbm59Frh6hruN2enRjJ2Q0aNl-9sMe8Zz4RT4qTxtMFKNL5cxTZXC5SA1d5AZT09R2fpD7AiUhOXvsHkl8rmeHu3zftbiMG3Y-Gz7N6BCltrp3EF_F7PW0aR1EI0yBYrOqpM-cgz83sPdWyCO1JssmRPMpXWg8GFRpYqerpOvsXRUtxwB-5NStWtv9vz4-wV2zJ2BUc1LFPvcD8WkyD_KaXjzro_0sWEqGLtQ5FU11T496AL9c88Ty4LqAhwEFpIoDsNJgx4tccGWkIGrXwBHR6QCRxZaR8SiFA9DnzUAp9Ukgx8I7R_j-gPN4nDaQ9M-PGi44tNriBfAP_q55dK-IQNu0t5bRSHgy4dIVQcbzH8fAig4Ewiw4b_IdJEZV1av8lGGOC7S6lXPoUkyGzBDR7H9LqllZgYcEHATja9aU12LxtDgR2xcJYbC8zXBxKq7hVjz1ti3bBXYRXwDB-MywHmudf9ymajXa2TtxYCn7JV-ldg3OKqT9tG3LPCPRgzlpmuDvBZT82GLRcBWzms_WZvXQUy5B7gvYpHcCRbY6VMT4B9f0zT4sfDlvxO2GgA-tAhK5Xlran9doP6Kt6O3zqXKnk3tgcSCPZ-Ox9nchD9UGFvTALbde0RUFU8mYtlFkZA7Rwc1Ij68EbRdS9-ZMydchzdOOtJGtSBaXtjXYoKB21fwm-bdXvXGPFNMAUlLd_ZWTA7VZs63W5k_IVaIZHcG6QS4ANhVIbi5ob8MR3KAPEPe5PICdff-earGBb_oK9zKEivnmo71JjCEN5z6lsyctGxGH4PMZODlFow_MAoy10HYV_lpB3noIzNKh-iZb8B8a3VaJtrKbAAFDloIBcC6sbF8qXHBs_R2rpJysKFO5WfdmNRw4b3hgxAA-FDF5cCp1hrMZmBXGnYCbiZvvu1eQ04oIT03EU55c-O_6u-NwGBYSVE9Aglp60pBkZHo_qMt8nsripqwnfDva6RoqsdRxBHXV14dlcs-9kczhImSLcYfWk3YJ7MPUKus8GDLWIsYADRrerOnlhiOTiXiFGjzj49rsSzyIxYy6kD_AjrfN1TRsaf6HOZ2wD0tXlbSlVfcCZA3fOtEDaFVypwr20HIXt3972UwlInnQ_XUrttpn-kmbn_uai2-FX0UzYqVrEimB1p6v_S2njNbPR89_4i0-lYTatFoyjuarl92EJFmBDI4dpcNAaaW48atgv8s00A_yBuio4Fj3scWQWpa7gb_O42DA5DbQxjIQY3dRTUmj-SVbVlkcqBcSgSJC1gmEetbfZvZk3hH19y_Tf9fSUtJv6z4l0ciJKtJeQ9xLD7Pk3sZmlbBo82OF_qZAXfH-h3ygaRm5URA2ETfK4osDccP_a6KbXHP0RGLdIrdPU28YLX0HXbN5aj-G4J0_0L8SFRcQs72H2Olzkp92J5PDKoRdQda_PI9OQjqrT11vaO8WJr6myvVKyaGJFguOB86wTNWFvt-HUg6tyzIDvc2kRHrI5GLDp5gdbZ77YPpMwMVcMN1clPAeTf8beUppWoatleD7UbzzheyefNTjqTmRI_zbkM1OYkAU5g4XQdBgLA2hz0QKx3dC9GcdDxY6mKzqc5aQF76-WxMW61Va9FkqCWdOd-And9rhxA9Yz_OTDpeSRsjADuMiHg0zQQpKQPZEu-sYNCnlq8qx2reh1YujMJix7RMOeZOt6ZoWI5U4vGGROETmh4j1OWqppRJ26EDW-5jkD8Z2lPkpldZCshXO3tiNWgo1WUk0NqqS3kzaddAlelV0EUFUJbb-Z9O627w_C5CuJM9zNxLEufE4UMDF68tAja2uUbScTk4nVWUiTgF5WrfPBdthu15jXmSXKYhn9Lqkxj59krE-dJWE69RvQQLAxYb0fkpiGlSUNpVd_34A1Gia2QQa9-PWItlEEr4TcaQR_nI7x40RDYkbzXsLhNwuFRFwA_-8dwhhjjaxO3tLCtfUqAB5jKRcz6_V3wL44W4RHZIEwiQjmZDvqxpvNO-0CdD2Oj0u7Qytk12aI05VUKJqpG-1T61-dr-AqLVdU2R_8ipapCyEImmXPIMDoGp3MI9b5VVz6Kq-tb5X7SAp_QSQDRLv4nHKO7LLXHGz_tyopcXOnfTKoBgJZPJpQMyp98zz8qGD_cru9IKym7he2ovBCxoxTHX5Ov80fUnVncxkGjkljR1S6Q-1YR-Jepk63_LEayYDz3EBs4DQrQRcSScpauMmrgHeeMOED2sYMkg2-5is3oWTp-g0S07DUhNODlgOjFoFB5431XAIiyGBcDcvTe3sHt5F3ogPJvbiFTZqOG6IHaHu9D9QtRpD0pJExJr4pUV3W43rVVorMeGm3x0kbceQ__aCux4rGpne5t8gKtZ3rx9Q8QznY7hmK7vqY5VaR4w0qj2c2n2CloCcnq5etwnlV3anEwsankZmpiQi4yH5WLSwQiqkwMbCEyPcag8fKwJ8wOPRRaKrvkO5-afKMgVecOKm4uiJHOLu_q4u9qAZOj6AvhNeY0l6zBHG1D5XkL7areY1eb87oD2huCmFYelPVnVx7fDXFBuMFprtkR_B6NG0BzL1ziGRac_DB61xWeuljwhhVxcj4u1nrtg9NF9sdtP3LcaisHdaek5IcSIav4ZHgxOWLH-JyBMp8lgZygAX11RacCERIJgnxS2AmhRXkOUFwc6KOyvXDVGKODux7CzMox9zj9-LP-acc_s_M3AviEzNr_8-OIkUhbym6VaLbK31GCBkQr76lR8G5iyZCtB_v8JjMFI9HYqKZA&cid=CAASKORo-DguqnnEhu5jPTMSbnY0UPVVNgv6TODCiaDzd93rZumL_b5UeZE&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9648abff3636c299c07fc316a48793c09417c23e3344d2acc49415d302cd013e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31526
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F6D5 3 KB
1 KB 470ms
264ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2021.js

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 19:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 19:00:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F6D5 17 KB
7 KB 429ms
223ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

b0beaa956302a685c6eae5e9461b7aaf11003e16bed90483b096d7acf9add88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7270
x-xss-protection: 0
server: cafe
etag: 17832645109891401903
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:08:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F6D5 0
0 338ms
131ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQldWrojy9xMoU8s1R93Yn1Bw05Ko5XHaatpmGrvpvuuWGweMv9O2I3A-8Kp-qBybhZsxJJX4Fhuz37FLW7O8GWVMHg-g
Requested by: Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6D5 136 KB
42 KB 577ms
371ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6D5 42 B
63 B 365ms
182ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcgqvkTN_lvSG4KkGmEL1RCkYjqmdHKRwufqGF7XlAMi_3HoIHIG7nziuCQE0C0Ndccg7DaA110GLbUKXvUQT1ICt4FIk44hTGfZ1PVoSKWNotsNE

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame D3F0 19 KB
8 KB 449ms
244ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 19:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 1301743315790764339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 19:30:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2170 624 B
300 B 343ms
171ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNWI6JePdSZBE-twYrFDYr7wmvNhdT41itmgK9gjLwTghXWYoF3iAu_k2H0i-jTuXnhkK_6Ka-fExANvz_WCwF6FIbOFKEaTG7c0mTAoJDn1IVuB2udmUxq_Itlv9hSH2rJhgTPJ8zaxWoZfyx48_qHF4QlgdrANmj0LOfT4SWv01UnTe9mhJn2GNYxe6BCUb_N6p0f7T_zlCA56lg_n6yCb3f6bpA

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:19 GMT
expires: Fri, 27 May 2022 21:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1BDB 60 KB
28 KB 465ms
299ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARvXgEu6_vUBYrYZUuvwNQmp6NW6omr8za39LdbABBWnkzMoJex0Wz9B2wHvVMz3-I_GdRpRpWHSSKTzBdhfgjbkyt2Q&cry=1&dbm_d=AKAmf-CgfXX2p2Jn4M-qo-P5Z7WguDED_YYnWepAPO7NyiFgibg8LZhKQv3b3jGeS9D8c7lCeXU8ltQK4ChSogSC1lERB1o3-lnPDd5-d6VB18fBjjanQaJDYH6Ao45UPMeWwaDhWk3nz-PjOg7veJaEpHc6HJ3b77omD0ZQY8knJCtfzHmEAQK9KGn5jZB70BLeogqOQv010RGnfcod59uSl5NEi8nsYCzf8N-zZUAGkJGv8CtcOkpyT3e782iTcIKszZO8UQA3QcG2CfBL3wd-8fuYWedb-GfvaXpFDcNfFZkMTCyaNPLRaTLgeKzd1x6zurszCIk7PqitRrbjLhNU4J4Vlmz56DY942Fa5V1EOrVxqhf42Zeo3ltRZqEdWdjVAuhuc-izLDvfsRodaLDr9w1I4-3wp_0264oJ-XXF-DVXsSbPD_8eq36U-pnd8N0CwsSF_mxFuqF1RwW-R4IW-VS0PPtequxXQ9I9T8a7oYmhEUqZOwMFngj0XcNJrF2u1GanrKWgIwNy_nhIIYwxxH56z9vGZLb2916k91oRhEUycjMLiGG1MZQYMtuo7ckO4PnSrP_MBCsFhgm6f2Gjx4AlPfDcytlSMvkhKouNnLVwitadg7kJsmEC02rFx3-G63DxYE5ABesVtBOz_IgUwdiuUCGpdMu9y5AdSEPogloE8ietbPz6QpD3kEVHANHzW3VYKWt5AZMVVZVD9Kx_tth4paEO9mV2QWsOWcOezC-73T0s96u06px6CBL4KjEYbsxRNIv4oy1AumaF1_8QnPGkGOkqm24UFuujoEoTzbMU_CUlUeWk-jO-XYoG67idIXuSizJ05hdlETm51_xepdditpPK-oJbR0oSLUn95jhgIHVJN3JZYG6qljiYwEvwQ65q74Ik_KMAWBjZzWWUEYDrlGd2ozUVAQF_EpWtZkQHG-HWtkfY-l8O6p02Riw417a_yhfbp2A66x7W_o8Et4GrmKStCaeaUiFcldiPU-K1DxB6NOhvjgTyVSmz7S20_sO6GHHPLVkOXX7s4UnBT3oGfxHkrow1hlEaDurMVIycC2rETDdgyvKDvnEx6I2sHLnO6fSZarB0Kn0EglZWCQK8oX0TLw4J2TczYQTv3lWudruz6T8eJAVrQn1KI8G50ZQaoM_d9Xh7NSpTlml7Wj4mBOHsTHxoOXAmoYNHZNPECtWaA4LhkGbwQGxng7VOFEcZm7_6SvLF7vk3-akqvS-iof-SAfJflmAI2TK02zUXxah2gMw-nP61DDBdL68RYxhtP3-LLBBF97Vg3xcsIRZ-al4i37aSrMrp6XLNn3sDV9rF3sdAEqdcGNjedYCH3O5-L55okiTfrvwqc4aqPekId-CiWPn6zF61ceZczw-IIDtDB4Y9YklHl4qWDjIoibg_HJxo6eL39_2vMdU_55BiSWr3W6uYWt0KJyGtdYuTiyXG8Q-YtMM4zRxGkt9wLkHeSb-Gq0GBkZrlIUPHQvCnJkjrqvNMzdLfbGezahdifIhGVqvwCV6R11tm89qZKSesgjlA_Dgf5OQXdXontEkRHnrCidpum1l8g-TPy6HZXFUVhpj5UesZXnBFkKEBQlCF255q5nW7dFIzrP4KvimEtrtkaHjNsULQi-AepMrskVIIf9M22tC62RfYFSDYO7VPxvaJXMbt30aSYfcS6Gp68rnVM31q3cOuxVvh6R214d9KHf-PHEDhFtUFGkjgUTxgS9UisxqbxsBxShFfxOFZgeJlTRrVMQYQ5l3P_MxhlXoDynJiO4VI4N8UBBUYtEOqYNFWB4Vtq4GQF3OykyC0vr75Rf7-TGU-NHYYqOfik_8avRLTWYQzvFc8l1L5FU_3zaHs_jgiD3awDFcTE6W718fzlgJ5UIA8xRlgEpb-3oPLDZlAYNT0EkEmPJXAoPbTke3G4PN3fkhN7nZlRO5pn00KBXHOmUiRAogtA4ChCQdd_dtyc1fJwpW4SPCJP7_8llM94VzrwskTh6xpV9ArB2KyeBY4wx23z53-ooAjOSywg8DaYc-1LbVvqMysAXXiI-ppNFgiRL4RzKQ4_STY24a8uWHRmj_OKzmAZMpG364JlGyicGry_zYuz1DufRYa3nMy_V04QmdnqW1RrrMrj6UI_LD1MmdcWtont-sOYTV4IUWSIRPBfUeRs3oVMwcs9A-UKkbN5TWYtMU4D_lpjYba69AbezCZu7vyi5UqQ7DaYb1ifXBoYDAEX0rHARKhmm2_T-FRBSMA40biOhnlTXfG6zWm8Y2ELhCylYzZZblUrT3AQPCwSa5cAe6JVURSgN2jv9r3LtKN_LwvvBIUowYz_fShm8r0hAgZWtUTE2MrhQnzf5_1oXlUSJKWA97u24QvYcTkE6nFJMppGVGGaM_-hsxCbppdJb6k57Cg2QVkDrqR-1QyZSJvgMVnucN5oIhZG2D-evmfyHdioJM_F41-0wfzy4OXfT3KerT4Nt86jcxNavMegCUHzOZJ0-_uGi1cWeZBw170TPtTGcBNVFc-tEuWbjbDSZQ2AuH9iPeZR1rEY1q6S9ykcpy8B8OUvEVUBNoAlGU4rJK9cNZaNo4lsctTkr2FNAfetrPxhAihTCnnAWzwCyk1UStc1Qnm9KHWFaQXMHgAIhTf1sZHoxfs9t8-gOxlJNUIk56GfeqEaGnf87UfozZ0iOoaSxD8RzZv7icj1tIqXc4cuV_gC3JYjZmqm-qLxPSsOD6L8B9_59un5U9WdCUfVtAy-akPvOsdr8LPctGEkRiA-27LSeTOaEnq1LHkKGbhh4w7jnWt2ehrIWFYBgFTUDpF_GpVcoTCRFxJEtUj93ny1oLvGhhM2fbwrcWeSRMvPs-1CXqvq93Hamjlp4yKtV7Vwk9s8mequFbMFvZ9j9jlIdJ-m3yGex5YyD9Md_qTbStDOAKEfx7I464A8x2nX4X1KhiTH6xYe0RK-FUFl8iZYYtzGpE5o5KqED9XxbtGCS8zRhLjt_Q&cid=CAASJ-RoaNQbSf-gfK6GWj6-G3WU9yzazpNyWK88tkhD9_IjthGN-AlRqQ&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9f13b8732f17856991168af0f50bccf89c94327973b6741f098227ae1640d5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28644
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 1BDB 3 KB
1 KB 461ms
268ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BDB 136 KB
42 KB 586ms
392ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 1BDB 17 KB
7 KB 336ms
143ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:40:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1BDB 0
0 318ms
125ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYJ6eLEOTDuEpnz8C7-luy4P8RXA2YQz8-DDlmpup8aGQEtLJlyNlgfa0FOjFQL0aO4nQ99JCY20sfI1XdV2kFdzx7eQ
Requested by: Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BDB 42 B
63 B 352ms
182ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D37jrbjbfg2KyhdkQTJCjfHdPEAIE-6xDNpB8IvUkTgsjb4TCK1vn2oq38s25VE13xVJ-_Zm1qefy4o5GadeVvXN5kN7X9nzg7xxTUe4YyZhtKn9U

Requested by

Host: www.file-upload.com
URL: https://www.file-upload.com/0z5hcow6htdc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 340ms
112ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mobilesafe.shop/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mobilesafe.shop
date: Fri, 27 May 2022 21:47:19 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 51C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1

43 B
892 B

150ms
120ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXrOdASrjmV-VfOMXwkq6UYTLzBu9LFleBAc99ewTiolYvq_D-IYfiXX7pECtsa0Tub_4SxANsf9jyBVdF-WaTyjjDkozF2kj9pz7mGmxE4HRKxuU1rRwmRvMaTBKk-j4ZIUCnF2nTWrzA9WB9ADN8zWJ2CVO5f60wf78Vb9zoAI5MOzgJe0wZFG4D7nnD02pu4Z0QJqHxNhcZjwtJbZu2uMlf_gg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 27 May 2022 21:47:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 51C7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bUgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

43 B
892 B

116ms
116ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXrOdASrjmV-VfOMXwkq6UYTLzBu9LFleBAc99ewTiolYvq_D-IYfiXX7pECtsa0Tub_4SxANsf9jyBVdF-WaTyjjDkozF2kj9pz7mGmxE4HRKxuU1rRwmRvMaTBKk-j4ZIUCnF2nTWrzA9WB9ADN8zWJ2CVO5f60wf78Vb9zoAI5MOzgJe0wZFG4D7nnD02pu4Z0QJqHxNhcZjwtJbZu2uMlf_gg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 51C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

43 B
1018 B

213ms
115ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXrOdASrjmV-VfOMXwkq6UYTLzBu9LFleBAc99ewTiolYvq_D-IYfiXX7pECtsa0Tub_4SxANsf9jyBVdF-WaTyjjDkozF2kj9pz7mGmxE4HRKxuU1rRwmRvMaTBKk-j4ZIUCnF2nTWrzA9WB9ADN8zWJ2CVO5f60wf78Vb9zoAI5MOzgJe0wZFG4D7nnD02pu4Z0QJqHxNhcZjwtJbZu2uMlf_gg

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6c69e1c7-e944-4dc6-98b9-83fe1f5ede92
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

170 B
188 B

224ms
114ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc9afad9-e951-4c5e-b6de-5b4b93c3909e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1

43 B
1012 B

264ms
117ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXUVwWm6zFtBZU7Nfhla0U3RxGmNnFp2Q29yqdqbgP9vmDZiBR2t2JkcBWQs7ko6eEAD6Su_hUsIP6as4zNKszOyLfTKRr7_4OIsBF_qk4DpeVmmbK-4FdlJ6BySzFAIH-MK-l7OSMAflK0oyKBB5URx2cA7Uj6nFjrzDMTxJmS8w-K5Uc9KyuJ8XmUz_7EmZsx2uPaNZ514g57kIljIC6OAIlIRA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELA7RJ6_iwOAZKSQw3OpsNw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 27 May 2022 21:47:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

43 B
892 B

138ms
123ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXUVwWm6zFtBZU7Nfhla0U3RxGmNnFp2Q29yqdqbgP9vmDZiBR2t2JkcBWQs7ko6eEAD6Su_hUsIP6as4zNKszOyLfTKRr7_4OIsBF_qk4DpeVmmbK-4FdlJ6BySzFAIH-MK-l7OSMAflK0oyKBB5URx2cA7Uj6nFjrzDMTxJmS8w-K5Uc9KyuJ8XmUz_7EmZsx2uPaNZ514g57kIljIC6OAIlIRA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

43 B
1 KB

244ms
165ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiZtabKATAB&v=APEucNXUVwWm6zFtBZU7Nfhla0U3RxGmNnFp2Q29yqdqbgP9vmDZiBR2t2JkcBWQs7ko6eEAD6Su_hUsIP6as4zNKszOyLfTKRr7_4OIsBF_qk4DpeVmmbK-4FdlJ6BySzFAIH-MK-l7OSMAflK0oyKBB5URx2cA7Uj6nFjrzDMTxJmS8w-K5Uc9KyuJ8XmUz_7EmZsx2uPaNZ514g57kIljIC6OAIlIRA

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2fb82d8a-8957-4574-9546-f971f5098de4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9709e1d-3c6b-4a16-bf6b-180644499c8c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

170 B
188 B

331ms
114ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b9d01f40-f88b-47ce-bfc2-6bce777e5501
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

43 B
1012 B

319ms
184ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT2JhC56PjEAhiP0czCATAB&v=APEucNWjzOwim-hrgKYaftjEE2qOVp6uD3qL0tQzDnWm1ydphNzI3cPN0TGKuv4co--r_EEVfxwOWOr572hKzthqI2UnH6NjAmVzBrBP8aYYZZGY3SERjKU-cC1bR-THBnmkOfnm0czekimfwrslRqHICLh83UKNsUK4niAW95pOh9CU4sBebt8MgQcXesNjFb_Sw4_JoVQiSs6jmFoPJmsnqEQOc5BZWQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 27 May 2022 21:47:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

43 B
892 B

115ms
115ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT2JhC56PjEAhiP0czCATAB&v=APEucNWjzOwim-hrgKYaftjEE2qOVp6uD3qL0tQzDnWm1ydphNzI3cPN0TGKuv4co--r_EEVfxwOWOr572hKzthqI2UnH6NjAmVzBrBP8aYYZZGY3SERjKU-cC1bR-THBnmkOfnm0czekimfwrslRqHICLh83UKNsUK4niAW95pOh9CU4sBebt8MgQcXesNjFb_Sw4_JoVQiSs6jmFoPJmsnqEQOc5BZWQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 67BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

43 B
1018 B

250ms
114ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT2JhC56PjEAhiP0czCATAB&v=APEucNWjzOwim-hrgKYaftjEE2qOVp6uD3qL0tQzDnWm1ydphNzI3cPN0TGKuv4co--r_EEVfxwOWOr572hKzthqI2UnH6NjAmVzBrBP8aYYZZGY3SERjKU-cC1bR-THBnmkOfnm0czekimfwrslRqHICLh83UKNsUK4niAW95pOh9CU4sBebt8MgQcXesNjFb_Sw4_JoVQiSs6jmFoPJmsnqEQOc5BZWQ

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 19e1ca33-47ac-4fd0-a5b5-2204d2755880
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

170 B
188 B

228ms
119ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f7040c3e-75b8-46c7-8033-9f845380b8f0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

43 B
1012 B

316ms
181ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNXnZroBY-EXejThXWFzRRMrJuYu2p86Rd35VOeIdo-Qlpuja7jc9rVEisOUPADnY480tFnp7UhCpO6MPD1d2Hwwc-aP0fLVKinWFn-ToowPduJmh3UCtffHwuRBKTvLrohQJJBdNgKfGO1IX0ENB-zuDeNVNWpw-d_LRbWDch6gj23oZX61ebmRVALnORamc9k7bnvjR35UBqKc8DdcCRTgELE2sA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 27 May 2022 21:47:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75B9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6O45F.jAeKfj9E4bVgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2

43 B
892 B

123ms
122ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNXnZroBY-EXejThXWFzRRMrJuYu2p86Rd35VOeIdo-Qlpuja7jc9rVEisOUPADnY480tFnp7UhCpO6MPD1d2Hwwc-aP0fLVKinWFn-ToowPduJmh3UCtffHwuRBKTvLrohQJJBdNgKfGO1IX0ENB-zuDeNVNWpw-d_LRbWDch6gj23oZX61ebmRVALnORamc9k7bnvjR35UBqKc8DdcCRTgELE2sA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 75B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

43 B
1 KB

249ms
123ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNXnZroBY-EXejThXWFzRRMrJuYu2p86Rd35VOeIdo-Qlpuja7jc9rVEisOUPADnY480tFnp7UhCpO6MPD1d2Hwwc-aP0fLVKinWFn-ToowPduJmh3UCtffHwuRBKTvLrohQJJBdNgKfGO1IX0ENB-zuDeNVNWpw-d_LRbWDch6gj23oZX61ebmRVALnORamc9k7bnvjR35UBqKc8DdcCRTgELE2sA

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1442e5a9-7c41-48b7-afca-3a6998551c91
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c635a029-3726-4b99-9cbe-27b5118af16c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75B9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

170 B
188 B

223ms
113ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c238469c-752a-43dd-a615-b8ee56f846cb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4ODU4NTU3MjkxMjg2NjE0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2170
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1

43 B
1012 B

262ms
115ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNWI6JePdSZBE-twYrFDYr7wmvNhdT41itmgK9gjLwTghXWYoF3iAu_k2H0i-jTuXnhkK_6Ka-fExANvz_WCwF6FIbOFKEaTG7c0mTAoJDn1IVuB2udmUxq_Itlv9hSH2rJhgTPJ8zaxWoZfyx48_qHF4QlgdrANmj0LOfT4SWv01UnTe9mhJn2GNYxe6BCUb_N6p0f7T_zlCA56lg_n6yCb3f6bpA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJOPF7wrab2C0ozf9X3VK8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 27 May 2022 21:47:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2170
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpFG6DlLfYsCwVR0JumgyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1

43 B
892 B

116ms
116ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNWI6JePdSZBE-twYrFDYr7wmvNhdT41itmgK9gjLwTghXWYoF3iAu_k2H0i-jTuXnhkK_6Ka-fExANvz_WCwF6FIbOFKEaTG7c0mTAoJDn1IVuB2udmUxq_Itlv9hSH2rJhgTPJ8zaxWoZfyx48_qHF4QlgdrANmj0LOfT4SWv01UnTe9mhJn2GNYxe6BCUb_N6p0f7T_zlCA56lg_n6yCb3f6bpA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 27 May 2022 21:47:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBg27TjYKCCC4nAyyLl0png&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2170
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAcjWhXxqZDJWAA1coKWDnQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

43 B
1 KB

238ms
113ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhi8jabKATAB&v=APEucNWI6JePdSZBE-twYrFDYr7wmvNhdT41itmgK9gjLwTghXWYoF3iAu_k2H0i-jTuXnhkK_6Ka-fExANvz_WCwF6FIbOFKEaTG7c0mTAoJDn1IVuB2udmUxq_Itlv9hSH2rJhgTPJ8zaxWoZfyx48_qHF4QlgdrANmj0LOfT4SWv01UnTe9mhJn2GNYxe6BCUb_N6p0f7T_zlCA56lg_n6yCb3f6bpA

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c601f38-40d8-4454-99a9-325c5b93c5e0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7ea2125e-0a40-4b60-adc4-63a8f01ccfc5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAcjWhXxqZDJWAA1coKWDnQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2170
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5ODI5NDk5MTc3MTA4NzI5MA%3D%3D

170 B
188 B

114ms
114ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5ODI5NDk5MTc3MTA4NzI5MA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 May 2022 21:47:20 GMT
X-Proxy-Origin: 45.133.192.165; 45.133.192.165; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30ab0590-e610-42cb-88c6-dacbb2e208c6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5ODI5NDk5MTc3MTA4NzI5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 13A9 27 KB
10 KB 106ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXeAje8uJ48siQEFANBI40UALysh2muyYfHF6KKAp6pRFFLJ11r6s-uhRCaFw6RChnb7DO4-NugEvOhO5Ye_xnyCPGCg&cry=1&dbm_d=AKAmf-Aw8cS53RMCKj8Ti284v-Ery7O0TJMQVfa_Su_c5Tnm9K_qLmhxluL_dGAkUWi4qRrnnrOgCNhWh1EnVOv2-GFpiqgkuwfk52dgfLNupduv-UNpYfUm1fFF4Zz1EqFV7nyS5HwKcq4OLPSLqKaQdfQnbnTZ2ugCreidB9kruH9RH25Uh3miWBEp55uQbLUQtdmWo-rdgiwTU-_QUSJf3iIoMYA98NW2k390PspxhW9Mu4WqyiAavX9EnssbPsomwgBBN7sna34aZvHJKan-MG5OT4-PiI2cClAXdYLwXPHiI6AYkuJiTJ1GkamIHOxmCYDclI4d5Ud4xv5qdI-UAgBKU-0_S0Q3bydBH4ZVsaPwSQ00RUyqRbFd6FLeVu-2GYJUo9qvRTnv7unGFQsjUxlDCdDCxEvTm0delNpDbPdrLDJDLKhSfF6stEgRB04UHwgVbukUsMyi4gNxPUIzydmCnFjrfMqIyJ5H4vKcqimUhhJ0N9djy137kwB3gAsfDzRFV5pH2oLxyuqgZMUk1jtqya1558S9NJ6jlzPdVK8sj9GqQYygoaTrfek8K3t5SDptuR9fjDvhq0VhwJdTKbyamgEs-I7PbsXaM5UPymagj29PKdZz8smR6sXcNaNP_yBhdhGIpAVhY1CgE2fL1lnwMYkTSqhiGmJiwukvhJ1i6zXcXBVFwYbuYj7VB8khSqgbG0J2dufZoqQypp9zAVONnzjcPCOzoKyYTVmGezW8BUrvQ2ly20cj5b9Jq5PMeNYYVJ_wzFdGTBC1rRyxFQIzwQfijtArU7-c0z05usl_4Y6ubbK8amGW21CrGGEZuS8lmmtCQc_OGNyQhm6xQHf7sAhL8WNVFN9s3cW4aNTpqTTPs86Jlb3f3MaUni_xwKJgBKx9M5bVteejNCw_Ui0KLiNsSDXtqcG8CCa47usYHSq6E4-4zeRKFuluu6_yr3MRJn5uKJ0zaDVBlz4ck6ltBully7Ggp96VLebcWQnytxgetvhCqQfd3KLVzXUWhZSHh5eZ4Lr7SSw9z9nPSjuI8bew5566ueQbObYrzWTqJKed_7X9B81ZPglRrZyZ1j2UNgKBIRkWXKaXibY0e_R0LSyA6952QDVjJ17ymamGCPmh-0-vpG1y8IZW1E3yW6VzdTRETdwySj0mamwoQkBXPvazWXXo-mXgcz0iU2TGedhnun-h4TZsa0Em-B3c0SDOzqX34tdhMiL185pi8kGtaxdQwfqRvYqbCAFeD0RM03Km83Z2MF-0ECqknDe4EHJk8khqGT_MfywCQmx9b6UnH5KYS_kgoRR0k7AAU3mRJAafyDIiafcCW4J050OEPMoEA7Q_rvdN4NBTyK6YLHF_SVq-JIsJcEfrFUUcyJBpXvvmXKbC4QavLi5Wnv7-fZCbavW8RsQGXErPEl52MOzLoOXerBRV806U_bdofwOlXedrYyLc864xjLaTtMnkkDEkkxzsvfwZkF_rNRMaO7vBz5rMXp7sBBzkK7vNNpn3yx0AcnKsXJtEdMyQkiSyrMORTgc_qfgGZnFLdkJhfdpnW5SlZCuPoIJdCWKIed0CUqdlPxIUjod6_Ypaznx4P4RhnEoIjITnOsHVVln7MdD_928HkyR66utbCFdpIEDZLrkOOUXfwyXWwyk3vNQkchAnXCV4PPLAOUfp5RRipfr0TPSU6X1K6wKcC6xw8v1MJ3r9a998x0xoORun4swhSb3eheEXNKemFKb6WRBlBZPGR7_ADaD5bCA80RlvphWWyq11bQkQ2qKv_yylTW3fgyDIUGVrc7vwHZvax2-8J6G9ncVa0dC-Xr3H5AWb0cI8zLSY07DmnEmvI0YKuKECk07iVRf_ryf9b0j5CU90NokPimhk7bA2jWaRET0oNRLvmuRoS4U25Y9wbfOe8lyhEHh5uOCO-BFjZozI9IuSvkBN8_9C1yJQ2QRYXrxwW9J3dkLgqdBi44m0OnB-1o987MKK4-urKspyJGByNcVy-PXohiixn8ylq6NBqV89uCVZLhOaRDRUmaF9tZcqAoO6eGsSE0-ygm9B_Lbm3gHgU1QbNtmuTgboFhynmEbMVr-BNvVwajeOZU-XU1AKJyQAJJyx7sCZMB8IS1chV139BiC5eWBexyInCVYjcFik1ifEAS4SPpDWDwUcvndR5VjahhRsmymrM4mhE3vqsuPKxvzsJoAYbV_Il3czZsw7DuUDWfxNx6obM25yJ6cPAucXDSBLwGp79IVdGaJ5UU4Xh5bj2xWqG14tbvuwEbHnvT2HcDvvS53xrVeQz7Q41ZZxdlbu9JQrBvmeohcLtGQLOEYsYVrJCH41ydmIEZX_Um01HK6vHFjwP62WSV61Ne8cZPeuxMVE1L3E2rjUGScQYYZbXBF_B8aPdm1JZBwhSThITTCSU6LssME-QJZ0nT1NEYNsF_rNE50SSyWGcfTctah-EhffQjuai7_YrMTV-CHn1HN7CJLEMwIGgnNAfNSeEw8_LF1k7RvY-9IupTSSvNM18cYoKr2qo7k_YWMNGIvfvHGpo6ybqiHtEJGUIIoST4R7veOZHGQNYLNmBrMqWNL6-QrfsYiswHzHXi5EwQMrt22A1ZiDLcCU3YIeDUhIpA_6BF6oxfzM5x6aoo5IwCmMND-hGT4LddMCxgT_hKmEIcNFCwvwDYcchwHi7bYAdRrUvSeOjZLLadnGIgPWivFfu9ovAs2upT_-UphRYfzyPofzF-blrVEB0ly9i_gVBKnw8-bwmQzs6gDCbS891YVYr3MW3GzUZmLvvBEiD5UQAitW15OxJw5rf-0VOkl-Rg7esyqilv0FYzWvIAXOLaaEaAG07L-i79iPOKbtwVtYfi66S0jhiQhXYLQAlK1qm9L1pj_3ROsVJcp0oE-_PVyeakB4rje3Wm6hWQL4speSKMMOXzt5GxXL-Br9t-YXgsg1F_rMEk87p0LamHtGapU9i_tDMQrSn4mFVdpadkTfQ-Uw8Lw&cid=CAASKORoKt-ToQEz93N0Jl1ulvbvUV7qTQMto5EpnZ1pQWRAF3X9s0BPSCs&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:39:45 GMT

GET
H2 200 11395723777303528496
s0.2mdn.net/simgad/ Frame 13A9 21 KB
22 KB 345ms
105ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11395723777303528496

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

672c7ab8240c35a6eeb4a4014102440532733269059ba09905a9da328da0bf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 06:13:52 GMT
x-content-type-options: nosniff
age: 142408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21616
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:36:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 06:13:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 13A9 8 KB
3 KB 107ms
105ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:43:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13A9 0
622 B 383ms
150ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssox6wxCBVECwhy3xEqhUTaBpaLpoKrufr_Y9nVDJREc5yJTRBANvq-MyldlDEdzYWY_7Gay8G6fNwO--6Wr-P4Mu_aQt0emWjg0fei6USui4n5AZXybTigV5WTEK9w6Jy83fBItS_i-BaE0UGfYKqjn50G2mrpqUOjv-GMWCkc68PcQkm_rN3eNHkatVYmzNjdIJZM-QNtnUv8aBNeLo1VvJGRYM2NgawAWbDCVGO4i6P3VmwnlQx-GwvHQACNS-ieQT6Mtp9P7B0ywCTa2DNc0MrD0fsNjQWmd99bhlHZt1d6j2KMTI2hpT5WOHYkN8DLIzEEwEqrUMM3Gux4MCxt3LLaWiyYx02bh3t0Q7t70tJumVGgpqFJRF1yYkFMhP4D3OJwO3W-loBjLe5N3iEPC4FH2sc0cBZSxIktRH-4h94WUn4HZns-OcfsrOuRG_JseAALW2qLqoTluT3Gx-Fvu1veAQ3fRxglUC6JQcVH4d6pE0I4m8JEtLi9sFt1TQ_flK3WGyFLWaNXNOdMUSnUAAuuoALbwNor9mF1FRUaPcVTc9R7vKxyE2qLlfm_zItrlivlrE1nHZ-yPQCfh-PwdbY02szLaKZpRvzzJ8vDQiHXLXNxAppeI9Wvq_25tm6TLu4fLod6R7gcOFJgtCR-fpdmoVh40tPxrw6P1NJvqj8pNJS-ii6K8tUyarUaL-iN_zJEUYm2Dn_87VnaTB14oTAHcnKsqLXPQRhyVj62do3jBJEWPKPONrwjpDW9pcGsl-SkDyHogOaE5Vut_IzN00KXemYeczZpd-obde4xc5Sru81Fw6BLlEKbxLivbqkl1ir0wwgertVVyLCFT06I-5DEr7ZxswcvS4dA7zpDOkqFumghffwgk1c3rv6i20OtsmROc7B_0uU6vZH3YcgR3T9C6Rm48HvRWpxIacUMWpGcPiTH1SlDU8tcQS_gttHRSnoAu2pkYemSM7RkNyzbh02BqfsvtiQJuVDhiBVywKHP3beQosmj_90QBhAYkxtZuIqTw6B4YnpJFt46ceRdgLKnFcLz_iAOw1PL5VQ_K4kjQ0oqShjlaksTEBNGohz47dIMgKYyUtSYad3c0XhlQi40DXtkCxmv_WIk0o1_RzIPptDA_cPraBgV-Cn0fXy4wGca-FyI98Pxj5usVwGDJcEfMbhJZZtCm030H_KhJzYRwUSkc_0&sai=AMfl-YRurNkkjzvDPWNq-UmYzogNg7FdAmybJWVe240xP06-EePIx9cWAKFddjJxwiIDwnBdBlzLAdVbrnAscgyis8DrNXVSKolobgYdMjq3IM-BlaDJByW7_nQo--HwFlPAV7kPGyJVFTN4atMzklmWisPfehOevlvzRa4c34zBo02ul5o2y2OfEAmqtTGc2SdYJRsVBOwLwg8i8-suZe8bMfLiRLs40bXQrQ&sig=Cg0ArKJSzDLKSSm3ciSNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5&cbvp=1&cstd=1&cisv=r20220525.33148&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 27 May 2022 21:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 13A9 41 KB
15 KB 394ms
177ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 11:10:27 GMT

GET
H/1.1 200
OK img.gif
t.6sc.co/ Frame 13A9 43 B
774 B 539ms
306ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.6sc.co/img.gif?event=imp&mcid=62826&cb=1687077501&pid=171684057&cid=27595641

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 27 May 2022 21:47:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf16-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame F6D5 27 KB
10 KB 106ms
105ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAalKrX4fucaNBmlx1MOGuLFXyZ-Wju2reqHgsffYg0UM4NZxcN4GGh8zZiwKrsAik3nMaFCHPuvhfuLU8VJNLJtKQhznBuMQI7lQHwoMBTI7heVq0LKoxvIZH-1vLribkeLqlshMYH8G7sqinblH4bC3K1A&dbm_d=AKAmf-Bn8EMt-VSaZzix9MzdHqPsV76ujt3d7_Awpmnr7WdcK1vW-2Gt-VwQ8O70ZpDD9WX3Tj25_BN8Jz33WO6t7_hyxsRHkOdK3ZK7R6GlC91bB6ho-A-nWZrJ28JjEfBF0ORGz516i_7qtVV3VsNptgRlinou4IbKiBxurx4Qb_FWdNBWa8FyeWyE5ZXA2MQBZ5_ZQ1J2EUNQLXkwmUF5TbmXLBNXdfpcmVJXJ5BETY44m66KBC9rX92J-TqpM3cZA3U6X5S_3m7TQwGIhgOg68Pdp_4CgO9eZcBlBYMADh5LWjGXtXCdpEjr7qHCxmeAPILXi4LT0uc0ea-Gn7E7iJjGbm59Frh6hruN2enRjJ2Q0aNl-9sMe8Zz4RT4qTxtMFKNL5cxTZXC5SA1d5AZT09R2fpD7AiUhOXvsHkl8rmeHu3zftbiMG3Y-Gz7N6BCltrp3EF_F7PW0aR1EI0yBYrOqpM-cgz83sPdWyCO1JssmRPMpXWg8GFRpYqerpOvsXRUtxwB-5NStWtv9vz4-wV2zJ2BUc1LFPvcD8WkyD_KaXjzro_0sWEqGLtQ5FU11T496AL9c88Ty4LqAhwEFpIoDsNJgx4tccGWkIGrXwBHR6QCRxZaR8SiFA9DnzUAp9Ukgx8I7R_j-gPN4nDaQ9M-PGi44tNriBfAP_q55dK-IQNu0t5bRSHgy4dIVQcbzH8fAig4Ewiw4b_IdJEZV1av8lGGOC7S6lXPoUkyGzBDR7H9LqllZgYcEHATja9aU12LxtDgR2xcJYbC8zXBxKq7hVjz1ti3bBXYRXwDB-MywHmudf9ymajXa2TtxYCn7JV-ldg3OKqT9tG3LPCPRgzlpmuDvBZT82GLRcBWzms_WZvXQUy5B7gvYpHcCRbY6VMT4B9f0zT4sfDlvxO2GgA-tAhK5Xlran9doP6Kt6O3zqXKnk3tgcSCPZ-Ox9nchD9UGFvTALbde0RUFU8mYtlFkZA7Rwc1Ij68EbRdS9-ZMydchzdOOtJGtSBaXtjXYoKB21fwm-bdXvXGPFNMAUlLd_ZWTA7VZs63W5k_IVaIZHcG6QS4ANhVIbi5ob8MR3KAPEPe5PICdff-earGBb_oK9zKEivnmo71JjCEN5z6lsyctGxGH4PMZODlFow_MAoy10HYV_lpB3noIzNKh-iZb8B8a3VaJtrKbAAFDloIBcC6sbF8qXHBs_R2rpJysKFO5WfdmNRw4b3hgxAA-FDF5cCp1hrMZmBXGnYCbiZvvu1eQ04oIT03EU55c-O_6u-NwGBYSVE9Aglp60pBkZHo_qMt8nsripqwnfDva6RoqsdRxBHXV14dlcs-9kczhImSLcYfWk3YJ7MPUKus8GDLWIsYADRrerOnlhiOTiXiFGjzj49rsSzyIxYy6kD_AjrfN1TRsaf6HOZ2wD0tXlbSlVfcCZA3fOtEDaFVypwr20HIXt3972UwlInnQ_XUrttpn-kmbn_uai2-FX0UzYqVrEimB1p6v_S2njNbPR89_4i0-lYTatFoyjuarl92EJFmBDI4dpcNAaaW48atgv8s00A_yBuio4Fj3scWQWpa7gb_O42DA5DbQxjIQY3dRTUmj-SVbVlkcqBcSgSJC1gmEetbfZvZk3hH19y_Tf9fSUtJv6z4l0ciJKtJeQ9xLD7Pk3sZmlbBo82OF_qZAXfH-h3ygaRm5URA2ETfK4osDccP_a6KbXHP0RGLdIrdPU28YLX0HXbN5aj-G4J0_0L8SFRcQs72H2Olzkp92J5PDKoRdQda_PI9OQjqrT11vaO8WJr6myvVKyaGJFguOB86wTNWFvt-HUg6tyzIDvc2kRHrI5GLDp5gdbZ77YPpMwMVcMN1clPAeTf8beUppWoatleD7UbzzheyefNTjqTmRI_zbkM1OYkAU5g4XQdBgLA2hz0QKx3dC9GcdDxY6mKzqc5aQF76-WxMW61Va9FkqCWdOd-And9rhxA9Yz_OTDpeSRsjADuMiHg0zQQpKQPZEu-sYNCnlq8qx2reh1YujMJix7RMOeZOt6ZoWI5U4vGGROETmh4j1OWqppRJ26EDW-5jkD8Z2lPkpldZCshXO3tiNWgo1WUk0NqqS3kzaddAlelV0EUFUJbb-Z9O627w_C5CuJM9zNxLEufE4UMDF68tAja2uUbScTk4nVWUiTgF5WrfPBdthu15jXmSXKYhn9Lqkxj59krE-dJWE69RvQQLAxYb0fkpiGlSUNpVd_34A1Gia2QQa9-PWItlEEr4TcaQR_nI7x40RDYkbzXsLhNwuFRFwA_-8dwhhjjaxO3tLCtfUqAB5jKRcz6_V3wL44W4RHZIEwiQjmZDvqxpvNO-0CdD2Oj0u7Qytk12aI05VUKJqpG-1T61-dr-AqLVdU2R_8ipapCyEImmXPIMDoGp3MI9b5VVz6Kq-tb5X7SAp_QSQDRLv4nHKO7LLXHGz_tyopcXOnfTKoBgJZPJpQMyp98zz8qGD_cru9IKym7he2ovBCxoxTHX5Ov80fUnVncxkGjkljR1S6Q-1YR-Jepk63_LEayYDz3EBs4DQrQRcSScpauMmrgHeeMOED2sYMkg2-5is3oWTp-g0S07DUhNODlgOjFoFB5431XAIiyGBcDcvTe3sHt5F3ogPJvbiFTZqOG6IHaHu9D9QtRpD0pJExJr4pUV3W43rVVorMeGm3x0kbceQ__aCux4rGpne5t8gKtZ3rx9Q8QznY7hmK7vqY5VaR4w0qj2c2n2CloCcnq5etwnlV3anEwsankZmpiQi4yH5WLSwQiqkwMbCEyPcag8fKwJ8wOPRRaKrvkO5-afKMgVecOKm4uiJHOLu_q4u9qAZOj6AvhNeY0l6zBHG1D5XkL7areY1eb87oD2huCmFYelPVnVx7fDXFBuMFprtkR_B6NG0BzL1ziGRac_DB61xWeuljwhhVxcj4u1nrtg9NF9sdtP3LcaisHdaek5IcSIav4ZHgxOWLH-JyBMp8lgZygAX11RacCERIJgnxS2AmhRXkOUFwc6KOyvXDVGKODux7CzMox9zj9-LP-acc_s_M3AviEzNr_8-OIkUhbym6VaLbK31GCBkQr76lR8G5iyZCtB_v8JjMFI9HYqKZA&cid=CAASKORo-DguqnnEhu5jPTMSbnY0UPVVNgv6TODCiaDzd93rZumL_b5UeZE&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:39:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame F6D5 8 KB
3 KB 127ms
126ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:43:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6D5 41 KB
15 KB 329ms
144ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 11:10:27 GMT

GET
H2 200 12477053991477461346
s0.2mdn.net/simgad/ Frame F6D5 88 KB
88 KB 506ms
311ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12477053991477461346

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

1182f90410312af4f0a05c97bf87eab9e2c9864ee8c4bd2a01a07f93aa60b93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 12:00:26 GMT
x-content-type-options: nosniff
age: 121614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89903
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 20:40:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 12:00:26 GMT

GET
H2 200 11395723777303528496
s0.2mdn.net/simgad/ Frame DF17 21 KB
21 KB 388ms
207ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11395723777303528496

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz3iJ_tsQLMxEk3K-lRnKB1RZFe0NGrwNvG6v1ffP5QOp6yAiAYi23VDrbVdfG96PCD7ixrexl6CBl8f2OZzAkxziKZA&cry=1&dbm_d=AKAmf-DdPCBuZOahyRTNVbcEbxCJZbOv_CWMPxuJtQ7wJZpIMxR6kUS2GS4FgtxZJDGbPITP8fTFQzPmAjVsbNmAA47k26pLqgHWWJpzudo5FcIrbefikDkBKIctjjFD1Xt_1-YjNVRQGR_r4tbqG1mo7q-YpseIZOIBlFawXyUy6Ck-UUgeo4dfw1lX_p_Wl3zpxeZN5gHMKsQYb_B6u6zNESDfhy8cYkfF6-ubxBKxlqe8cR7edpQ4wGSpkYgmTK2AZYVxW_PxcZZ19kMuimvdC33MqPKe42xdAg2BkUlrsSpWHVJQx1JZ-t5OGswPPsY5dCIwoe3L3gt8u67BLvbymcyUsExUr07ol-40OhgTkVlPBOsLGsanHq9IJ3Vjyw9dX4uvf7yXEgqnebYbiw4jczKTp42xOyoq5Qy01M0U3iF4rkUsYDzL4SuoFcYKN8CVi_hxq9bmnTOWEuhWk_CdFppw6NH7TXzB4wa-xktGwxjJVIXZKynZZtQLypheiDhBzGAjPSrlpx_4LzykrPNTmmBtow_kCWSo8Jaa5B9h1aMOUOtdf7t1uO4Cyl3Om7jFwybqYZ0VVZY24s0E8oTdG23bnvmbFH0RXJ1fqTccGKUVh4oQjDXbgMuRNSH6ZRnhGCSxEo9apQiNqQXVR2qlYDJJLmHnqGfNwh06AAGLa27AUqZCU-NvZNfJatJ31n8C_laZSGSWG1wUv5BHJCEI3yb1vFK-a4HRRp4W4A22wepqYxd9rOsUe6beFEuQCar2cyS7w1ARiDAoZYY_0qKAk9C7NZM1JrpWh4QJVJdpp5Vjg7YRY_xb_AwL9ouiue5YONtEOKXGl4nxj3rIkB2OZ5ja46qNaN2mz2Vn-luVy3qZG3lXJesDsfbJ523CpO4FSwZFS9wAzm3nPCdDe_44RJh19wTa0p7XD_fVBgCkg9-PPUMeyutL51H1IHdORVN9_LnEnJz-crfJshTRFsvUM3Q7xABfSEfBA-cEJWlZvLP-hFOrnkKe5KLXdGQZayXTdZO4EQARKhgLn_C89q1ZN76RZuQBLc9rKlxQ3DCy3-MhgJuMAiqGT_19Zre9nfAlNAmBPan9Z6v8CWYqmhu4yXpkiCNeUl3hXPLJtIDcGVDCUbB5WztIssSRtNpv4bEjSSOVhCusKr6T46y592e026-qlzk5FWc9xz7ZJKoVyLCh_xL7K0v2lWydEybddG5H6KH9c0TpSxeXzQoCFTfz-wDPZzLu6jFeWrQce5zoBLztKhFiG5WXsi7IGK5N5kVD0cL1_RZU24CoksArxKkGzDTKzkdYKi3ABWPBl7wNRcYpF7NluSADx9H9FabfHFtGz2GywsIfYRNGQFYRrE8OUCoS73Hi2uOgPu827nOsR114YPvCvt9_kBkoEzCtXbgdgUrUaZEUPMcdQ4Hat-Z649pP3Efb28ErNIprRGBcvcx8lVcL4XDKENJJcIHvsTaUCoNybTYzpq_zDfB4TKqUC8vJyES15s1Zu5Chj6f1UMCmlc0IOrTKuVDqOWidvqN84YWA3uuBJt0sUq5doqEJmIcaVKeX7Fj0SJSPR5YVIA-0yu4ILwnzXQi3xfV_EmkNKs8zG4JIAa-Iqbqrj_sTMWuqzxKzW2GHUEOJgGtwmF2r6ol4vTH-BEVrCZ9CKzeT_ieSSPR2aFOn5E9-V5wUWZT2EhrEBQordQcTVuv1Gx40OieQVBzq87Tcriyb_x-dIa04LjZPvQp-dmD3xTKpMvVNTk2m1U46Vfafwv3nqZMOheOTD14Q5EtOL326genZH94zNtcPqeugWZoVWdvm44HgGGylDp9Ms8FF42_x30UpiF8IbBCKo8z8OeC7Lao55pWOLbuxFAq4uoNBdhLssPppd3vS6pakfTVz7yUJvLu3O4AayGx7TLDRRpwlYVx3ViNY1Our_2e2yzZSNnNWtZhLZRLuDTaRRXB0MUJeQdhK75L6K-xIlwN9hIuiJ0yGu-AtEmcNFnkoK6PdxNewmerOsDAiTs_9e14Svvknt2hzXTkjri9FLMDqta7pqg1y8oWqhzst36YfWvtycBjUgXzCqWHrjtxYR4A8Z7htYEE53_xtK_AHe-FhEe9ZEMRhhwlh5DwMGGbei8CArNO7SjYOJ2gYn1EcxjhlOVNYV06p6IjVXKOX3_Nt7p0GVzmAFNKh9OmvV7FH_3P1OhqjO-I1WrDB3EaER8GAf7Nivc2FeI_JeK-Vbzm1DwVS9H0cYzkU10wLyEWtC7Vlu8T_6aYhfYTwI3SP_g9XNLizq5CWu09EBsG6NN7RxMDcyAqNHPRMC1ZS92eLhSS7hfrgBqBz3-WdZxkZdovagRSA6xESSybC9IuK_GCXgOpi7z4KSqe3rGILFB9dmON0xxszImj2ioUJcqzqK-6HTv41z-Yb14riCJlZa1N_6A22JsBMrKrZbO0mhCv3enIWYXrhtbi1VLgRp6x2VnhjbtDBZLBaSMXMMfS08VxQ92wouv86MAnFgkvRikiG3bZbE_fduzQSkn2ekTKI_vzbVc8jPvS7EHHtAIgbGxPGovpdQWUF8mVGKikdnLN3Qbq3k_Nu0m2U6R78vjaFhZIRuxuTf22JV9-icAMUaMrjzlh1lQFZxghqs0S1FLuUFvPvo1TbHl7FL895-DMaw1OT8MeQj4dgYISFMQyNYcq5v8wSfzk4Via0CXbDleiwVQyhY1qpWW4dZlnTqQRIctwmqS5b9gvdKnsmzokAMh5hF5zgrJXsPCgH_TzhSooRQcKfOXfgEiNMHf4v4RNHieNGYpGgNfyufhyjRGn7U-3gxk0DXdftzCl4Op24jwzta7l79U1zaSAA_3Ib0LrU8oN-hY9-UbJwe28VbhC5fNLO__75_aW5JS3-3L098TGiKHzx9SR1Xm-uSVstigge5ErngGcNRUVRY4f1atMEu61qCwQDckC8RSRkblN_orXuQy6kfamc1xdBH58eew&cid=CAASKORoJrshABNBL4OqC1vFz1v3g-kTOr8ShLg7WPPEZ6tOX_EXxMIkuus&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

672c7ab8240c35a6eeb4a4014102440532733269059ba09905a9da328da0bf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 06:13:52 GMT
x-content-type-options: nosniff
age: 142408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21616
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:36:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 06:13:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame DF17 27 KB
10 KB 105ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:39:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame DF17 8 KB
3 KB 130ms
129ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:43:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF17 0
64 B 324ms
153ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIC5dAXKQOajEwLh4ScL86UYzLT9VjM6GSye0s_PDJuzI0oed65NPhzs0tfguXH8EDLfQ1GqbXah9WM9KtmH_ZDsu55KYlGbIDcFYZdoaB572hQchmVsqggeZ8Dg3kEReI4N_pjGraPJNrLZDW9RbxJyfMAKLwz_LDbNCb81FfTiZfxrY899lIvK4fQcBzXexgDPBGkVo2ee3LrZ0TZFcsc7RuGxl-SK0ERn2wnV23y2Fgd23PzbwMC9c8xfSBIGLCPtBorvVcAC1RIa9scAKGdoUl90RqI9YVweqLxao6EJ1W5X4hYk7QbmdcFOEjfiQrELJ4fnEaIcg72PWHKe_8XenWObvjvRHr76MJUohRtDg2IQkRLblsJ4WI2N5atVn23MgnB0lrs-MUQ5FpJEo6RMZL1mpsTH4Flfd9b6xreqcBFsEolpyZjB1W4GJwBo7darZeeo-VVxOTOSKSEeZjBMAglN6y6USGnB159_qd1wPxuzGgCbJb_8h7FrkQTcrIZPHiHjUNz7qitc6Xz2j-httACNQq-JSkC2gGB3FcLiePbVBLf6OXOC7WP80whfdD-tTqDOKVzm-9svlBO7Mhha6VelAMMGbjYpfgtVPk1CdGR_EJIKnrG6qq4-SVhexiAZbiTWGGvBZmLp4HByiYdxtLz9XvW4A6Ogu8CUFzEu_YBulpoDE6rRmGkphdxRuo6CZ8jCANC82ombU50ghEGI3bvooNYlftU9ycr7FepOHg6xNTdCVj_QRXQ1mwZxziIQ6CQsloPk_Qh3Y3xijXqfBcJxH77u-vsDBUtrafemv7F9e9yH3YNu94oNLVyI3E8wXbInnSeN6F_-ajCaHJWpJb_Cfa30QItddoeK386-DeSkLsk_M067Go9SK6dvQ0UN8SlbrpoR1g3pw2H8sSj0k6yFneSd3yYqV62EFjEKohU6MPP_fREz3hw_Ku9XXnafw4laG1mJ0uR4dETFbvSeBNKFe9QGSQMuWhPF29dXHWWluros__Ais37t72yoxf48fHKZuJTNywa79dnJcd_o7nCgFqJAZpy8xqTqrno-hMUasKXv_wYvYvpzkSgOCoGB5u5GvT8hDi04AsARvZ8Eqb3KvrhRw7N6Ebl9BwNEKLdh_VKxgXNBqMXcP9ikZCC5qSDdPugwI4iCn6HGG5GMZdDHZBW1BATxg7X7s&sai=AMfl-YShw_MLew8etKpP9AY-tx6G3cGQaQGeAg-UnetViw4JnH80tONS2ePy5JsJh_BCq8riazmljQK8WkbPRUGlwUy-Ypdo0LlAVcuFhnsk1Vlmb6tyGz7sbgjVKAV_cN9uEdO99ok_X7Jo_rzDX2vqYc4fUHhZkoIjHlZp-HEFuDsJV7WC5gA888Bg0sd-o7bR4CWk2O3MLqgUfNUTjkPnCr8EdBE7hHRTQw&sig=Cg0ArKJSzNdAr8vDcX8tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220525.01164&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 27 May 2022 21:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DF17 41 KB
15 KB 259ms
104ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 11:10:27 GMT

GET
H/1.1 200
OK img.gif
t.6sc.co/ Frame DF17 43 B
774 B 526ms
316ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.6sc.co/img.gif?event=imp&mcid=62826&cb=3823518970&pid=171684057&cid=27595641

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 27 May 2022 21:47:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e1b-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 09E9 27 KB
10 KB 108ms
107ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfKttZp9YI1EV84JF8n_QdiLWss2u2CwWqu3gXPhdokdjkUvPrKbVmNi-U1QmHW9p1MlCF1bx52TMNaUcZmTIlLRs0tQ&cry=1&dbm_d=AKAmf-DKu19Oh3GBTLwl5SyU4NEhC9pasuOLcUhWjblh14t_VQB6H66PPs2k2affvZrtp5BZbfjNBXz1STAaGsb5QkvclaL1_GJ-UiKvQ9VYAmKlCaXehLz_CjxeAX9JJy6El0EmKqJ3vE7p_w50Zwiz10-Bz0Kc9bVIJ7eX2i9pRyOCmMlJYTG2H9ODurBYgiBT5K2cQ8nRBnqILslXvR16HwhMj_pCsl3FjXTCKxzGfQqKkdVAM0Hyv70V3e_wGvObAePoTQRMYhXCeYy7DsU0NJs86QFXIXIb9fQMYYBwekKHya8SpKNdFMtns0Zl22T93tv7Ayk9roy79e-Xfz8j9lXaHV8am5O-iiAQyvm1izDRc0sD4hHuliHl9N17m1owoaksmHf-FncffogzHKoolIMpr7k--oODPMncJEQV7VrKFpCsu5avo_6Mx3OfvjdUz7t0wYf5TUBhgd9UaPjRojsXTEIeCB5s-3ui6DkT07daZTJFLR3hmmwGArJprDiOfFJ-2wHpDGGJibqsuzr2-pNwTbBjYSpgDc6ha5Fkzk1UKqxxpEccIEPy0KpGoVmVLwSxh0Mged-dZ89i4T7y395lIE9Gb7aOm2MPMsEYppoJPp9yEjuB3kjsSDeSRy3zOiiAhFCyHkEdIIDIa-vjcDg848YHSZI7J3eEIxgWKyvlwgzN2ffWsNzSwQxvIs1A53UPsm_JstfsahjkuacZ59EF1KjdEw-tc7qMO0tt1mvW8_g4F6RoKXB3K5Zg_Gto6-FgompnkAuVQqRLZigpBosC5t8au7veo75wp18JQj8NR2vin2RCHrEldOdvH08ZEN81gsT2d3dgk5fC-Dg3-bkZ7D0Xi_UcnAu5HIbeh-hAWAdugREc4N_CYg0sTg-9CS78yFfSWr_jcioWE3RiQi3JR7HnN1yXUEbVSq-_0oj7f3ATJcJI7O7OxOl6GcN2bB0A28x64urH26wkRNklfXS_CNQVqGMH9Nu_lXNCrz7GImcG9QU_jCJd3iVajJ4UcpbWUYi4hQYS-xguCsmagloNkhPIt20WZPBYMFUsorSX52oNs46icyBWLM2O6kI6peZ3KWZNvexV3JPXq5RpJ5Iozsvi18pxDiU4jiEOw00y2vH1l2AZNOO7jqybcOP7QRzioVel0k6qR9y6fuS_Y-IIBl9B17cfOiI1czNNY5afSeg3m3tl2oMJ4Tmb6KRLvrSCRCDfGmcZQ97wu1tvMj_41nnU6DznSCGg2oHqZah7AmY-ZywFLSRmobjOthrvOn1GMxB_5Uyv7R-ztFcB_LGSA46LQxN-raWSj5redrKRVO1LL419_IOny8HNI9nGV4qHqn_r-PtDK4Pigvn2u59dHH1Jsx6vDVFl4uESUmQ66SzGSGNBeqAQiQREoc7uHppNsQRJRJ82bh_CNW5j8hi0ZpXaurr2Dqe8V5_vNepK2cMm4e5r-FgcVY5wg0zV91lASbtab4JqYrFRUqHrKzXc3vxasGu4Shu1wlO7dTFEda-ZODk0--evtQ36caVkysv0dk8NnXStNYgirlBm28-oo2vyqgom7EoTltMoHCFjV_1ji7uHEZgzMBms3GMzdyRrCWIHG3ebSzkD30UV8-XTGHNiJQx1MMusi1jmeJB4FGQ4D0vBtbntQ8cLOtTqZp_3d6kFkuSrvTm7Ia632E1jIVJMheVfw449KZl16kAG7uJzG2BgfjZ6QCJV2-VxFYFVgYHdsbSps6PJwSrf7lIbxjYo6iRZWy6H6GfF6LpXqokDvAE5X7xlcGdA2tzeHcbhBy31A3wQkXq9I7Js5dbSiszdsgbLuAuwfMVfGclspn6rNL5MFngj2_1_Dv_c-TidE4STdZ5EaPbBwE439RkGTdtxOVY8H8KOVhxiS_G4UHNNMKPqNVCt6mgN_7hUU5PpV2QgQyIJk9kbfU_z_MrW_gmJ8c94p5yLao19Pn82iinWLfS5deP1Dk6PZ2ds6qvIFXKqXcYN_zV3sn1S7ExEj1juCfBJStUGQPLfE52NLB4osSRFQJZvv9C9j2kPqz1Wl55lZh6oO9iC-nvt7HVvO85b7yIeG-rsc7KBh-_XRuzNNpmB2pgeF9f_5Y_lY_h_HK1s28dnLws0oyAn1LUXYOf7r2oamn1btMuQCoP-qIdE_KH9OrkbIRXiIVIWNMm_CBJNK_0heuGJXQF_MXhOMA37WsqjFc7RRwAFmMZHODA9TiabNf3Eaw5AuGWScQ6DtYqkiKec3HmPO-8VmD9dAgwC6apjpjBYxDmbuMxIvY96VfR99I_B3QUCtPvno4aYy66oty8CM0dGAu4ckmZVv_ppd6AisGfnII5tgGTwVplsKXTF_bvtleqrsh7hjWuUXuWdi6GT4_z6TSoOVhvDuiWyXtUogvxBHat5FAwbT3l15MxNs1tYwDNi16zeFcjoJ6xzKowiOTdiU4uOQ_CPe9uNohfwmY2gvh3nlYEjPljEb4mj6xAXRXEJH3Opu82GdUy28QeNw29zgg-xcb-qnzh_Qqr_B8uuE1dq6S_CKPZuybWtF6lDJGs03jhBT9oy8xIGP6iHgFYfVo22dkmNonOIIqOBBkxNlO8h8E1ZIP7W8Rq-R0X0QSbd_RFl_UwzJv_AmacgrqBTrbY-1BW_rmPup9mmiUVI5Q4wOJaxkJVR4wj4V1HQZD3GuE2uyxx-K4eXXhATYUCQsRAiZSe-YnVhapan1sjv9BjZVB-dODJ7nFLSW31Watd3gZ5989ydUFgwdt6dkCtjgD0UNIt9iyu-k-GvApB4wEtnBy2U8DUX4FdJ34Qqc2cDM_vv2W_OeTEDmGDQnRmthrslojxFNKIYubfvROvZE-pnmXsV8tSzDiW8ZNsv4CFNDtKEn7OqKFitBkhfrbqSyMxbYEJ7H1xmKUzHjASRmCRdYZc4JalYND7MtbW55MVs6d0c814mUCHhj03t6vdXXi4lz2cTkx2-SunisVDRGE2niN1RNzkP7Cg&cid=CAASJ-RoA00PD8IfYnWqKJWv9P46eqdE9YeIoRq8qYKfGU2WNcnj1uIFdw&rfl=1%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:39:45 GMT

GET
H2 200 141531137257572108
s0.2mdn.net/simgad/ Frame 09E9 16 KB
16 KB 428ms
281ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/141531137257572108

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

8a885929fa3088e048ad2595147b8542ad41d59f882cf61c46cdac8e98811a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 05:52:53 GMT
x-content-type-options: nosniff
age: 143667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16259
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:36:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 05:52:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 09E9 8 KB
3 KB 158ms
157ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:43:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 09E9 0
64 B 292ms
151ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEwMTANEPF-v19ph9MP3N8SPsZ0jqgm6xArUWb95_PWcZozxsWk1m2g09emY9SOPwjRbR317RGu9V1YvLemBbRaT9PCzLl4PTB_PIHwDGJozLyzs5yNW4wt_KEO6qCE6b_u9nGmMjUYr18gV3BJ9WZp_39L-tGvkmXPShz-y8iY_bPVX_vkxhhaVpQfqRYJyRyvxnrG4OuoTtYnBWFrk4WswLvGjMNujl8bUVuP4NSarvWwee2Bd1Ec0QFTbgxl7QJznLheg7RyVfzhsDA_Bt25hTuO8dTBM_QkW6EFj_gKAkBvLLXmZAl4etVxhSg_iXwSTi7C0uI5jIN_uo7oT-C5oBJM0nTb1kgfAIuCmouxAGZr73fuL4cB-r2Vq9661rAfp_rCoygiYr_C09ByX8vjdPtDxfYo70ijErgq7vB3u-KrKhBPjQwcAbKcLk2LMGCTSa2epfgaA5M3Os70m_0q7245V9Vh1ln64fAlGMSsw4d5SBzvmUicTkBBRR8hZECg_yARRU4ACYCV_7Oa87dENlJuTAvTpg1EEqwkjSuUUIgDxnbjFdj0t1YRt_MqHAB1ArStrvDRnmWPwsQF9LKy_NKgs6SzNHNyFpZ12-JPlu_V569xyx7vbcRBWS5-qA3h63MNF2mLn9sRjNlgZ8RpxHEeOai4CzxVGbmbAhb_A5ri0l3ynIGkPOC45VIUs7tK4t9GIabtwVyyI5VKXvtEo2RKFb4C0uU7jCOCEShHIIPWwd-wsteFlJGMluEnLNHrAfNSl-AVSQwlmtwdqb-AJUqEy7EYGvkhdbA54GRg7Ns6SVEMrE0Zn3_t5fKMUe0iMLlK6QNHuXmN2l5mwoLaV2hDcw3c6BC6PyuTyYdU3wfIe0eP1AHK_ElbVAK-yYGGW7IWb7fOVGFAFhjKYFQQytHSQ_pXHrw32B0CPrxFRH6huwrUopg13UpkpnB9xbaqJm1RovfJc8UAcrQpUSxmquXWXwfQKHIvrb5BcT7iIqvYfdlpUSGLptXum_7Coa64lm2Fr2oEh1NNwFfSdtINQJpVVxSvV5tWrPTuSgsoIPGPusccFj3QVCx3x_a3aBc3klSosKoUN7betKBANxnhsiaUG56C8wVUBW53Z2cpRu7TzksvbVmGGqgqaFdmOpbsrsLmtBMVqCvWj3XghwjgPyp7Ri5PCkiSuxqUlywxI27KNU&sai=AMfl-YRuATwNJOXTrsm1qPGC8QgzsiUbMY4jQrmWfu559dIHKtghvZ0yiMPi4gXw7Z3ImFiHUyqs9KKoRv3SRwlkJ85aV1Entp1WefzBUR59soCH_37Kt4CNJlmpICrCSaxuId4WnF4S8N-tH3VOnFx36H4j5tVyir6LQnoXaGSH-4Rq0MnHxnomkxqMZf0PFbNnJwEzjESVR7CywewqXFZGV7mZuJs9agc&sig=Cg0ArKJSzCpA22CZB5osEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220525.57669&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 27 May 2022 21:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 09E9 41 KB
15 KB 238ms
111ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 11:10:27 GMT

GET
H/1.1 200
OK img.gif
t.6sc.co/ Frame 09E9 43 B
774 B 515ms
296ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.6sc.co/img.gif?event=imp&mcid=62826&cb=3980419959&pid=171680058&cid=27595641

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 27 May 2022 21:47:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502814-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 141531137257572108
s0.2mdn.net/simgad/ Frame 1BDB 16 KB
16 KB 374ms
245ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/141531137257572108

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARvXgEu6_vUBYrYZUuvwNQmp6NW6omr8za39LdbABBWnkzMoJex0Wz9B2wHvVMz3-I_GdRpRpWHSSKTzBdhfgjbkyt2Q&cry=1&dbm_d=AKAmf-CgfXX2p2Jn4M-qo-P5Z7WguDED_YYnWepAPO7NyiFgibg8LZhKQv3b3jGeS9D8c7lCeXU8ltQK4ChSogSC1lERB1o3-lnPDd5-d6VB18fBjjanQaJDYH6Ao45UPMeWwaDhWk3nz-PjOg7veJaEpHc6HJ3b77omD0ZQY8knJCtfzHmEAQK9KGn5jZB70BLeogqOQv010RGnfcod59uSl5NEi8nsYCzf8N-zZUAGkJGv8CtcOkpyT3e782iTcIKszZO8UQA3QcG2CfBL3wd-8fuYWedb-GfvaXpFDcNfFZkMTCyaNPLRaTLgeKzd1x6zurszCIk7PqitRrbjLhNU4J4Vlmz56DY942Fa5V1EOrVxqhf42Zeo3ltRZqEdWdjVAuhuc-izLDvfsRodaLDr9w1I4-3wp_0264oJ-XXF-DVXsSbPD_8eq36U-pnd8N0CwsSF_mxFuqF1RwW-R4IW-VS0PPtequxXQ9I9T8a7oYmhEUqZOwMFngj0XcNJrF2u1GanrKWgIwNy_nhIIYwxxH56z9vGZLb2916k91oRhEUycjMLiGG1MZQYMtuo7ckO4PnSrP_MBCsFhgm6f2Gjx4AlPfDcytlSMvkhKouNnLVwitadg7kJsmEC02rFx3-G63DxYE5ABesVtBOz_IgUwdiuUCGpdMu9y5AdSEPogloE8ietbPz6QpD3kEVHANHzW3VYKWt5AZMVVZVD9Kx_tth4paEO9mV2QWsOWcOezC-73T0s96u06px6CBL4KjEYbsxRNIv4oy1AumaF1_8QnPGkGOkqm24UFuujoEoTzbMU_CUlUeWk-jO-XYoG67idIXuSizJ05hdlETm51_xepdditpPK-oJbR0oSLUn95jhgIHVJN3JZYG6qljiYwEvwQ65q74Ik_KMAWBjZzWWUEYDrlGd2ozUVAQF_EpWtZkQHG-HWtkfY-l8O6p02Riw417a_yhfbp2A66x7W_o8Et4GrmKStCaeaUiFcldiPU-K1DxB6NOhvjgTyVSmz7S20_sO6GHHPLVkOXX7s4UnBT3oGfxHkrow1hlEaDurMVIycC2rETDdgyvKDvnEx6I2sHLnO6fSZarB0Kn0EglZWCQK8oX0TLw4J2TczYQTv3lWudruz6T8eJAVrQn1KI8G50ZQaoM_d9Xh7NSpTlml7Wj4mBOHsTHxoOXAmoYNHZNPECtWaA4LhkGbwQGxng7VOFEcZm7_6SvLF7vk3-akqvS-iof-SAfJflmAI2TK02zUXxah2gMw-nP61DDBdL68RYxhtP3-LLBBF97Vg3xcsIRZ-al4i37aSrMrp6XLNn3sDV9rF3sdAEqdcGNjedYCH3O5-L55okiTfrvwqc4aqPekId-CiWPn6zF61ceZczw-IIDtDB4Y9YklHl4qWDjIoibg_HJxo6eL39_2vMdU_55BiSWr3W6uYWt0KJyGtdYuTiyXG8Q-YtMM4zRxGkt9wLkHeSb-Gq0GBkZrlIUPHQvCnJkjrqvNMzdLfbGezahdifIhGVqvwCV6R11tm89qZKSesgjlA_Dgf5OQXdXontEkRHnrCidpum1l8g-TPy6HZXFUVhpj5UesZXnBFkKEBQlCF255q5nW7dFIzrP4KvimEtrtkaHjNsULQi-AepMrskVIIf9M22tC62RfYFSDYO7VPxvaJXMbt30aSYfcS6Gp68rnVM31q3cOuxVvh6R214d9KHf-PHEDhFtUFGkjgUTxgS9UisxqbxsBxShFfxOFZgeJlTRrVMQYQ5l3P_MxhlXoDynJiO4VI4N8UBBUYtEOqYNFWB4Vtq4GQF3OykyC0vr75Rf7-TGU-NHYYqOfik_8avRLTWYQzvFc8l1L5FU_3zaHs_jgiD3awDFcTE6W718fzlgJ5UIA8xRlgEpb-3oPLDZlAYNT0EkEmPJXAoPbTke3G4PN3fkhN7nZlRO5pn00KBXHOmUiRAogtA4ChCQdd_dtyc1fJwpW4SPCJP7_8llM94VzrwskTh6xpV9ArB2KyeBY4wx23z53-ooAjOSywg8DaYc-1LbVvqMysAXXiI-ppNFgiRL4RzKQ4_STY24a8uWHRmj_OKzmAZMpG364JlGyicGry_zYuz1DufRYa3nMy_V04QmdnqW1RrrMrj6UI_LD1MmdcWtont-sOYTV4IUWSIRPBfUeRs3oVMwcs9A-UKkbN5TWYtMU4D_lpjYba69AbezCZu7vyi5UqQ7DaYb1ifXBoYDAEX0rHARKhmm2_T-FRBSMA40biOhnlTXfG6zWm8Y2ELhCylYzZZblUrT3AQPCwSa5cAe6JVURSgN2jv9r3LtKN_LwvvBIUowYz_fShm8r0hAgZWtUTE2MrhQnzf5_1oXlUSJKWA97u24QvYcTkE6nFJMppGVGGaM_-hsxCbppdJb6k57Cg2QVkDrqR-1QyZSJvgMVnucN5oIhZG2D-evmfyHdioJM_F41-0wfzy4OXfT3KerT4Nt86jcxNavMegCUHzOZJ0-_uGi1cWeZBw170TPtTGcBNVFc-tEuWbjbDSZQ2AuH9iPeZR1rEY1q6S9ykcpy8B8OUvEVUBNoAlGU4rJK9cNZaNo4lsctTkr2FNAfetrPxhAihTCnnAWzwCyk1UStc1Qnm9KHWFaQXMHgAIhTf1sZHoxfs9t8-gOxlJNUIk56GfeqEaGnf87UfozZ0iOoaSxD8RzZv7icj1tIqXc4cuV_gC3JYjZmqm-qLxPSsOD6L8B9_59un5U9WdCUfVtAy-akPvOsdr8LPctGEkRiA-27LSeTOaEnq1LHkKGbhh4w7jnWt2ehrIWFYBgFTUDpF_GpVcoTCRFxJEtUj93ny1oLvGhhM2fbwrcWeSRMvPs-1CXqvq93Hamjlp4yKtV7Vwk9s8mequFbMFvZ9j9jlIdJ-m3yGex5YyD9Md_qTbStDOAKEfx7I464A8x2nX4X1KhiTH6xYe0RK-FUFl8iZYYtzGpE5o5KqED9XxbtGCS8zRhLjt_Q&cid=CAASJ-RoaNQbSf-gfK6GWj6-G3WU9yzazpNyWK88tkhD9_IjthGN-AlRqQ&rfl=2%2Chttps%253A%252F%252Fmobilesafe.shop%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

8a885929fa3088e048ad2595147b8542ad41d59f882cf61c46cdac8e98811a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 05:52:53 GMT
x-content-type-options: nosniff
age: 143667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16259
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:36:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 05:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 1BDB 27 KB
10 KB 105ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:39:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 1BDB 8 KB
3 KB 143ms
142ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Jun 2022 21:43:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BDB 0
64 B 279ms
154ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSViujkw5xXbwnqRv2SKDjWa-XcEIITZGFCNz_tvr9Ts_EUOe9a-bqYIPfiiQbcu_EywhY_hAASfy4UDowQ6ydt83GeubO0S85VmfJE4dSzvbtal6HHaGiAPrpLuVlkdn5zzEEN-hQlpW64xjupWUn_sIwH1DyT9-VROJGA5nuPY-Mbe2EdXnwbGD2XuV_XXSEEx44EMQrpxXot8GwQeEJHqxHp5DFL5LGk0jQfUD_sElNeL5i0F1H6oKk7e7LKJ53kk4yzcv5B8OvL-tUDtJiYolgEIIQY-jAUKUtTc597RY4x8QGWaTTliNeIwL4FZ2ojgrQAAKVhPnfpV8Fy0SdscvnyOozbypypeszX9mMYCOWZO2a4VuTDY-HEMnixXKq3bF7dq8INzLMaJrGTPjUrfdlr9jDYwxtNxQC50uAdNAKH8BvqlHDINuFNxuRvZQu2F1qnwsy5o0gq5JjbKhDr6PSCSNfXrfDtJ6LqOGNLvrKSl6Ab6lJ6535gC72m7uEHo_V5aZOpGFzJsUyvQ2WLuZivJBcDcbgL7UgZDapyzEw_u00mAQ7VyQ4qtwWo0DB1CyGJPIpuaY9F1sV0GuLyPztYgvZyc7NXJiC3tZ4P3I7X7i2XeeDI0LEGpL4oF8uPdvLH62eFYO7a8DQ6Mx88dzzUoWSuqlE_Z6x3hjNZyaD_HgDhz-MfIGJV2_HPcTaImCY14Ryf04x1vTY46_SuU1dppVOTdFwXo9peF1qSy4N5-Kc9ue9JmCSfsR28h7QD3GCk7otx1O7E1yOtPSdLI7tgif7SX_lUpS0FqOgAh3uj_WHbNFN7AGDefUhF4hUtcBqga-d3iNyi3eIYe8NU8yzxxi0X78lPz3nrvr49y95ur6Cf1RyUi-altmA5MPFiIcfIJ3b4Og1rwGn5izLXewmrmwtZ71OKPd_fUoOy8OHBwW4Iynuv0hP4gjmNRfXjd1nlUiBWb38CyvFGHfczsNfrQO06zehdt-R1tPBkhdzNlfTAQ9csEiijlFNuaG4gQY1qpziPorNPMyownwUeZ4ZmxVNFTibSlwlKabZ8bgxitQJ73p0VMftEI3638ULQ64JjwrgcrqA2mkU13vyB0nD7iz20nzCrmD-ubSXEyum-TSRBAPzLW-hFaPM0EqHCLvVHMrd6nCDmKRYiEvXoI9NYamliINulpJxFym6kNLtLh8mbQ-L&sai=AMfl-YTkhvc2ca6ld2V7qEIl_Goq70Ti4hPKMUPt34nqbUtjZ_ddNfXgdlwsQv0Dh-XoFw71SNyFH0EcGCPR485pMhqtkjbz_A4fkYGCd8hva31jBLs4G1lQUhLHFkXz1uEVCvs49XYxeVzYhJOu1_L6BJ-yE9t-uiwLUdM9q4bMOe5ct68O8sxbb63HhPWaboGU8NJvm3IFkWiToVjcya2pgX8QMFutwDo&sig=Cg0ArKJSzKIf1cmw1S6HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20220525.31906&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 27 May 2022 21:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BDB 41 KB
15 KB 326ms
215ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 May 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 11:10:27 GMT

GET
H/1.1 200
OK img.gif
t.6sc.co/ Frame 1BDB 43 B
774 B 775ms
569ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.6sc.co/img.gif?event=imp&mcid=62826&cb=3202361558&pid=171680058&cid=27595641

Requested by

Host: f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
URL: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 27 May 2022 21:47:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e1b-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ Frame 13A9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58dc2cc80ad8d6fd73e30563bb05c80bcedc8144d7bc925ef8928acf08b22c2c

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF17 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009c344e95eee025f583be0f793ab91b2b2e27264b41e9063b2d8f369385ff7b

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 09E9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1a026f26a6fbc3f286c7e0c1183eee625c3dc2430fb2cc85a6a03f5fa4b6409

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BDB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d99f68e77d63afff1b3d1f6a45dc7148f759365048490bd8909f0867c641d02

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D353 22 KB
8 KB 109ms
108ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 124613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 11:10:27 GMT
expires: Fri, 26 May 2023 11:10:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B2CC 22 KB
8 KB 108ms
106ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 124613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 11:10:27 GMT
expires: Fri, 26 May 2023 11:10:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AFCF 22 KB
8 KB 106ms
105ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 124613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 11:10:27 GMT
expires: Fri, 26 May 2023 11:10:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13A9 0
26 B 353ms
141ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF17 0
26 B 316ms
143ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 41C9 22 KB
8 KB 107ms
106ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 124613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 11:10:27 GMT
expires: Fri, 26 May 2023 11:10:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E398 22 KB
8 KB 109ms
106ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 124613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 11:10:27 GMT
expires: Fri, 26 May 2023 11:10:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BDB 0
26 B 256ms
140ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 09E9 0
26 B 219ms
143ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame D353 35 KB
13 KB 107ms
106ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:33:30 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame B2CC 35 KB
13 KB 104ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:33:30 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame AFCF 35 KB
13 KB 112ms
112ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:33:30 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 41C9 35 KB
13 KB 104ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:33:30 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame E398 35 KB
13 KB 106ms
105ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:33:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 332ms
122ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

548270ca489c627c8133d2929da35235302889a6210b56c216d1c27c1ffad5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 May 2022 21:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10656
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D353 0
20 B 144ms
144ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B90kK50aRYrv5NOyU9u8P54Gd6AoAAAAAOAHgBAI&bg=!DwylDEjNAAZ4vKt9WLw7ACkAdvg8WtH_zM8wI7rrAFceaLNXqtAuU9Y8ammDxOWVNv4LpyfRk0CdeAIAAAGVUgAAAAFoAQcKAKfPcBKBS_I0PNQirk4xAhA4hrVjrTD5zqlAIunhpEwjj5mZlwidPOBPQK0jYp2NNuYHovfPhjLqrFB6DpzoIrBGN0jgJDfcsiUh6HtAOD-LVqvTKdHZ_sRjBGHZQ8CdngNHPKxVAXUXQbWAbcyDzWTGO1RceV4zxfB4ibM_HoZj-TlKtMKtoOx2gAFRrTFV6_ITgEUDfCUymM2J8rWRtbDTR-FwwI0TxpkC6ajQtcuAjq-3x-Az5VjL1SbQvxwiEEJ-bc4w63R9CIhs7zKam65rpLVnXBsAzX6v0zBUn9YLz0VdKddkPqbML_M4CKRW8hetxYFt42uoRPFbN-QhMZLQYO1XDHmUNhDWIP-9myLc2LilwbpRx8D3yYyoTQEIywNZ6yru1Lx4McGMtWxLfr6rLvLJZDFNTiAMBDTuCNGf4G7968SjTIgZ-HBLqaxuACZGRJXBSZN1uYqRUaAfCqBP9vM03hb3iQHoEh2R9RRPhEij6EtF5wQu8iQG7ZNhbanBOY76i5vQ6bFH6UeRmwZemZnZ9QL3w4Npj8KvdAC4Wg5GVHNo7igTELyAiwKpZePdKz7S8isNs8Juxq3Z4BBVcaV9-dlk4lUfc5N5-CT8fAZQDKLm0VY7cOhR864Tuh_KO90HIL7UzM3Jrg4wUK9_E-KFpWl3gwvqM6qp_N3qpV_CRWajLn9aEVvga3YfzwCuYLN_FZEZmbdrZLOkdM3mixKtQTlVSTdU4BrRlEZ-NYaNur-nms_3-f7CLzTNC8y32GmEkyFD6ZH1_tOI6wxuhVZrB9Ovn_svTMX8Hh6IcXOpqep1nUUFi-OaHEJ5cxYRTFkYo3lGzFgNfQwCxR302sYCdcGQRZ9LiWY4bShnfJLNSU9eiG7XJB9necPRbU0CZUrAFJGrWW5xKkJ2g-MdcXdXydlIAbEiIv2KTGTaUph3EaqyyDlU1VmkUnquPpqw88tG9ZkTKGODlZcgJnMQtzEGrwd88f91pjAsWLxf7iU76B5mpM-hOs-xtO7g5dj5AHc7sdV6zecYHJmNH87Y7sY5HsQTrdM_QgXQS13NAyOZlG7UhUR9ylWpSUyUjs-rvdHEigBnXjWwe4K8grIcrhtzwMGZ-Z_WGklNSFQR4nA1fSECamT8Ods31bHuwZltd5TB6_gg89Y1JsqIIIoxbCAn7elai-PpTNWbE9dShK4R0sHUsPZosnQEa503PRYqUhk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41C9 0
20 B 145ms
145ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWrKO50aRYvOsNuyU9u8P54Gd6AoAAAAAOAHgBAI&bg=!JiWlJWHNAAZ4vKt9WLw7ACkAdvg8Wi2atzPBchMNioVxJjdbIrPS1P8CWHpb8_7bT1dAdHZ8Q7DtzAIAAAEuUgAAAAhoAQcKAB6pO7SrAHS_3wIzuGs5NrCtsVIQZYSFcRumEN3BAaSZA1eVayjgAjXUyGRLhGNgSX_cS0wXiG2MDrjOu_cbf0XOR56H54mVyGFiZlw_lra5VC7uEGQRNIpIfQB7B5xCiTNmLTdz7VMMQCG6cBoJe642pYCq73zFSVo-3I4TQQqt3VQF1g9fUildZqzg8hVa1A0fn_mkgDvUOPJOes4PGhTkfG5bIc4DH6aNbCAWE4MTtLU4hjm6n4XyuQ8loCXEDcaJll2219vK_Xk5fC-Y0GHr3ccXZqIl3MJ-IA-dpui2S12CaOpJhOgYt-v6arSugkkEl8RzBK7BQDH9KjgiSGUMibRwo2e2Rety-Ac4V2oJ0m8SiIzWXoPZmXfQdq_QSMDQbQX2RTvJ9INspfVdoQI6AsPxBQUBbiWNUqTVuMcLF4dbA7DSiWhvy_sVADBxzQky6gXXPIPtHrD-QWQsV8zbOAa-v23SXT18WgnqEDteyQD20z0Pw2ozuQjYFYbmg5yF7cAdD5uxsZAgwUOZyDq2ChkRZfyJwu2K3C5WEp8h_JPN0ZomYXPadW_dIlx8yJUauHFWiAwZtkOt3WAQq3Hs4hv7OiTee88loUveslVlsSjRdM3fWVumZW_cbgHmcb_z7m75Zir4ZfOjRH9D3ILWkh6fnppvcqoairCeh2wBymE9qRDh1sKawUEMCnn95EOZJay7eUAhmRulfT3HF6lqtVeDI3VoWkdOouAXE5danjbA4IVlFw7f2l7uA7ehfTzjIO2yli8oKkDuwSzZDHUkYocAZEb6FpaQzzczXppRPeg0BBtI0o_ich4n2WzOYEHzhif35n27xt8KwcFudCp35BBcYy9LnNDFIzRnb82rKuxHOTipidZSSOzHSgR7JOg9hrVoz4OAWrZocDBAfFsw1GJt33m4qtcpKSTOTmdT0i7_mI8hNLhUZYjYqcWkL5AuIbVO-mFeF0WoAwQwAdgvTjoJXUfPmiY2dJx10Ogb_Jmw6t0gRoUclHPK9Kuie1BOSStgRm_I9eEk1OFuqWoI8PPUgNj4ZJZSGzoyhxMlvsm-C8Ch8ptkvGT3-OUJK3elHt-jnAQ8ggaJGKnrzoLrDUN-nzsBbegKCDYouT55mU0Iz2aO3samED5F4ZuMTuvutGZpRO5xcFZ94PQX0KaRgdWG9CPcozc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFCF 0
20 B 142ms
142ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5jk_50aRYpebNPaT7_UPlJCKOAAAAAA4AeAEAg&bg=!VValVhLNAAZ4vKt9WLw7ACkAdvg8WlsH0AyIW1T1Ya4uJoponm_j_CS9pH64ERcrkgZeMIZCE4ICwQIAAAFeUgAAAAJoAQeZAzNM3r1GzFRdP6kSyfq-Pt7GQZKYDwG6eJIAYTgyg7Nh8wzxGvvbeVH9x1sCU8BEfUitegTUfKtlJq_kMSpkUudqeORVJC3pWuf8N-FyuqbNkhJxeHX0qu2mlLLv5euotNsbbbFyxqVnfm_fZttBMU5NFM7_sc_mqSrbWH9fhFxpAxHsMe5VoBnSGbKIqt0Tlu0R1ufq8tFD15fM0zoHtgfhyj3bmbVDHHdDD69Nt6z4BHzql95axlFPKmoM1QoWxgXG1SkPYazbTobC2VsPWFzZ6xv-c6qTi5Doz9zN21pKbjXHilLNUbm8j1ZWtFsYFc88MTBjHTA3FeojZiVfuDlnyCn_EUTFmO3MgTbv-rTZZKkM5bI1l1qLw4MfjbBCWdrKvWfgCOt6Tv-g7h8Y5NXxytddfZdT6NbN05UnSYEqebSpe5Pm8YTgybqMeBJNsdh3NwXvemJvzjTkQR6zaxGNmvdlFxlaKdKwMDX0uLj1yyKKRlnmOAX_VqnAgnS8ZKSg4jKMU9pOW4n6V-667-21DP5ND-gWrr09la1m5Alu34Y94zvZszILnlFvRojmufhMfEe-tnqr3G-7TyJDvvC4dYz3cIy0xQv1ouO83QYKPsf71ULrlkcFgAXJ8FW50yVjK3Rv4PwZPP8j-byiSSyB3SqTouEUH4GRbnv_n4pNaZfdxwE6AvAvitSv808uR-RkXa-2fVs-SVP1QL8d343mgXMtSH-1KcGtcaYmJN8ovOru1WNmJDHxpBehqy4x4kEw4x3CX59r1pWQ1l8ml2m9UfyK8Rb2aAK75p9xq2ITVZZ0I9FkHRd8lvvF-wDObBTBa1h2HBMlUVBDBZhwr7ZLfu_3ph9zP7tdOtr3b12R-zYrY9UqyyVBZdFalS13iqNMdY2ZUhwfjRMgzxSF-RKfy8u-CYRocYkrgM4o17icSdJf3dGJxtOLfijq2-LBQx482MKrEuk1_y1riQ2rl5CqAufZ7irBsSR64Q9D8yeuns62CksWa4vk49KplmlrWUXMpQt0GU-R0z935CGUPc13YU7GcSPwXQMHlnLAK3EzyyahtV17K6-Xoa84r_fcuZh5G4A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E398 0
20 B 140ms
140ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bsc-z50aRYp72NNLE7_UPgf-MqAgAAAAAOAHgBAI&bg=!SkmlSQ3NAAZ4vKt9WLw7ACkAdvg8Wps0QWnKh2z5nmRpOJBoTm0gaGrDZtnz4a6FSn2cjd61ApKHBgIAAAERUgAAAA5oAQeZAzZSX8U9Gucy7SYhRAtj9EWNmlLMbAP5Siy_-sVsP06lTc96XUDGf2nRdoP2MEVI0vdIfyhfE5ojzR69XCWEQvY_JppZbLYRElpBERGjtAZrSrtTyPCtNFj1SX1I1fV_SyWUp91mTvH6XIMVM7A8Z70VlrwikxKUcZdqsWjm9ddxyaEFuU6KJckcdL-b6xMkSM4xsJpIkgG2ohiBfsdXHJYav2aJS37iTTcyhmznWqbJgENUiTzY6NyVAXEVwzB0lK94gv5128OlbpJBkjxEGMVJI2CpUbds-iyY59EYmyXpg27DvMON2SZ-2Qt6gOWEq3irkFGZ58isFlgRmxnR2NVFwbV03Rk2fjUQFjDLDVhszmITjpd9JcNMrZdY1OFfb6EPumluE2me8VdSTxMiP7w1XAnoUU4Fzm23Rnj6xIdqdgC0sEBU0xk3CCTFVJN_EJbxRF9S7h6HVzpF_kw2BcOikbdClBx_w9huIfb7dPbyq1w3IuAqSUGk5WKe2syaRQLAojGfzksd_3I8dU82AoqZ7GEOVRh-NQl45-HI_mBRtbQMR8aZ2PUq2hTudtDi6crjhU1YSj3Q8sY4wt4WYU5XFbe-EYj18CsOR5fkcEmF4qxx-wHZgOVVdqu9Yv8lkNVNOuu9Mde591xDkknQ6vZuA8hmW4FKMOfghh4YpY1Ysjabc4Cn-r95Gt1_2dsIsTKjCW_uICQegh5txagkkY8YPe3BDWHPPXrOYs6tjDVxT3PWpx_kM7HyAYmhS5bPX_RiDhRoC2fq1WxRyRIOaQLqm_4UTO4fOec6peI6_tf1R3ZpOvKJXDbjjHx_esYgFK0XWeq75YgcPfDHBE9IhTzqKQs7ABzq58BEe-6-dWwCCzwHh6ybj81d00zvsyTkP04CSHx94vaCKPaADByzHDP16dD-Z3dNf3rqYjv_zyVBu4svpbOgJ4SeEKDc-uP4_-IzZkL3WP2RNn-D3b7Ub7Ykn73X7VoDC7FCI9FA0mt3dZL2dyFXRkUJUfDcm3xTW4R68wmNLfGdLgK4LSW8_kR8MChrtINr0fZyrjNhjaFoWDvRU4yBAOjgZO0M92S1vM3S1O70EX0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2CC 0
20 B 141ms
141ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4mPj50aRYuWkNOyU9u8P54Gd6AoAAAAAOAHgBAI&bg=!8_Cl8LTNAAZ4vKt9WLw7ACkAdvg8WmdJ4FSH8qCtlCbabsAbgnkjpsDGBDYZJiEW7ytQSODquhgegAIAAAGbUgAAAAJoAQeZAzU0hH89SGYd6rtt-Qmv1Hk5F4iemfkrp7d2xZBsr04M7uBIDT0e3jp6VPWkIC_06jlQvVLD_rIyaVli_Qm3mmmNiXCzlyq6yXuANKg5tJJq4CRJXZNRnUHfAbbXL_pjtTISw1l8jc8dDhfsjH8NzwbRQVoISkckxG0vyj0S1uj-GJUF79tOy5KZXXoJXsXki8-ZTz0EgPofCgZU0gkOov6wz5eWKzY3nqtppRc_QkLmIqBQ_SN-VEzpLWw64wB1BXbbAMut0_L8LhKmjZsygF9yVyxx2Pwb0eVdLP0BH-AoPpJWvljn40bDA2luHfODMWzVigV1W68ESBXco7WoCunBOqnSYlHQF-dKOBTR_3b-HQtQjFISmZetuQPE6oBKpfTwZDwtAHVr2HCQJgMb55O-qEfrsmwxG1TMKgdoOW8fTVZUYrzgOU_D2H9DEkQIN5tiOPD23oGz2v_IBQNui6CGZc-nuFMUVJSainNsLbzl8xB6PvGzkKw2K9mo0_mvGn8c3MIVPXwPq_IvCXNAHQ8EcmxHgfU_EzGefIa9zOhH3q5PKg8_5uBbeyIirCrqoUibe97YkEptcIOg8kBei_T5RkY3KaEkd4HuAK2varSmOElj8pYDrViJWhyrVhyEbCzA9d3VVm61aXHzkRcOvVT13gRTHeM9Ido6PCmCKZv6JYGzqDwGJbtBow-WrHOfqWVc9Y6YxsqeJ4lqEZjlPeIgEVoFGP7q0rrnoiiurZFPvu8ISDBfW7TqVdyUjkB4ZFAVvOJWAWSRb3HBIAhujqm1vJ1MCBbc6GwUgRQ4VwZpAOV855ulxUs5NOXQFvrW6rE83oYK8oCnGG2c1OSVkut_SmVri3bXF5KiFYckHfHKCkd2c2ZRzRVnqKUJCsg1mqmBXQnMS0sDivCEMUR-zrmtiaoHf2u6sK6NRXA7HYfaxCVe_tnTszmuiTwOymu5yLcqkJf-j8a5aMB58g84dilMQsW693wsoqEPoNz7pcMIsvHyjb4DL4iz7Ffmtfh97jd0Vmj5eggRnsYt2at85EjR2c9hNvHhNnRZ8mN2sLpLYTDOATyW-5igqiLeXYYyKlGv8eWP_w

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 128ms
127ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 May 2022 21:47:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 440F 13 KB
5 KB 108ms
107ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:34:07 GMT
expires: Sat, 27 May 2023 21:34:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE08 783 B
538 B 331ms
115ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

658d602d0e112e2f85d0099b46f868f666c530008b6d455acd7eb5a5ea317d12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kLp6j8MQXtIqK61NzK37Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mobilesafe.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-kLp6j8MQXtIqK61NzK37Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:47:21 GMT
expires: Fri, 27 May 2022 21:47:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 13A9 42 B
64 B 141ms
140ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWgwqccTdtBrXd2IRAqMSTXr7FU-e4slyTP6lAZRfP8ZzLSUSRBpvE9jfDwqy7PU7sdCGL7hikiiNjphfl31zKU3r1PYho-DpUEVa5M2tz1ir9ghgXjy7rF6Ju&sai=AMfl-YSonjEM9l00ysAYJA18Em5vmM7Ao6F0zt9IZfBJHztbOp6h4Agyf9UFeW-rQYcglWVbZfABtc1Dk8NAX6GSaZG4aaSJ3aA8BNPturXHPIigbggVFbEBjiHQRkoWCRzN&sig=Cg0ArKJSzBiV12IoH-LJEAE&cid=CAASKORoKt-ToQEz93N0Jl1ulvbvUV7qTQMto5EpnZ1pQWRAF3X9s0BPSCs&id=lidar2&mcvt=1013&p=671,248,921,548&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2032064449&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653688043034&rpt=1006&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF17 42 B
64 B 139ms
138ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNI8EFDd8iL2kEvAsA8ZXzzJVrwWzQYKAZcLinsDlXr4ZJQ1wtvWtTBrM1IGXmr8Cy9JTrEvgEXIihDtZgmXZOwZGFexaeJGxQYz5qBCecY4U2PF7C_rXS_ELm&sai=AMfl-YRMxcdypIWHcBiHCuB_72lBsAdf7opzBxmDAHkN_PZFlHxIx86DtsqCOqMJxrV8WuWKKOu2xHfm_z8M9Sf0Wl5YJwOL1aksE5OXLsfuEf85uZAUeX1dfxofjRpjRWP9&sig=Cg0ArKJSzJheuZL12BsAEAE&cid=CAASKORoJrshABNBL4OqC1vFz1v3g-kTOr8ShLg7WPPEZ6tOX_EXxMIkuus&id=lidar2&mcvt=1000&p=671,803,921,1103&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4103863149&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653688043020&rpt=1057&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1BDB 42 B
64 B 140ms
139ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMpSV3UOBbz9JZ-FIGsNzjIkjaUd8JEC-HSPMDoY0H2BLGjbmwSlxuE2nj41GIaQh1Cd_7JZDleVtTCt4_OOt1AJ-yywk1ZYobaL3C10VFLNgRCOlJs8bmaF_D&sai=AMfl-YTBikpRqcxxvpDu31oQPpZ3kb7dVcZvZHRLqIa_u863mb6lJNpqwN-Qab2MalbPjbQDT8kYNC4MCVAHeo-89XtnMQM_rPUdAO9YjLW7H39sUMBUKQpHoBKvj1erFg4&sig=Cg0ArKJSzD9pK_a2wtckEAE&cid=CAASJ-RoaNQbSf-gfK6GWj6-G3WU9yzazpNyWK88tkhD9_IjthGN-AlRqQ&id=lidar2&mcvt=1000&p=231,288,321,1016&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3637477135&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653688043059&rpt=1076&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 09E9 42 B
64 B 142ms
140ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0NQ2CA5lrgppbK88BzMilSb6Hf1u3ndAIvyYV4yGl5wwNwSwhioBg9ENBVLhA_bmL42dVotZRaSUPxDNCdpcs4SiPk7AqJtLGv6q3MMiFPLcNku_N_ySltTSU&sai=AMfl-YQYp7gdHvrK4ydc8_w6OQW_LWBhLguGvqiFh3sYmXi3Aop3Fw9MELp0ktRpjeD2XbUgV-ivXL0QAJlt_5URT3ryOZRMTowkSrvR2zotLKxrOJPnw2NL2GvvDPc7KxM&sig=Cg0ArKJSzIYrF6VeZFDEEAE&cid=CAASJ-RoA00PD8IfYnWqKJWv9P46eqdE9YeIoRq8qYKfGU2WNcnj1uIFdw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3551285455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653688042670&rpt=1492&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 21:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 440F 35 KB
14 KB 105ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 18:54:38 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 440F 0
9 B 104ms
104ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KrFJHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 May 2022 21:47:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE08 0
0 145ms
144ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052401&jk=2512753692566401&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052401&jk=2512753692566401&bg=!fX6lfjrNAAao8wy8iPM7ACkAdvg8WhjhFAI7xZtit7X_Feqi5Xt4bRBZnwFGsirxLpdB4XsIZxT24wIAAABTUgAAAAdoAQeZAqFS_ACOOLwX73QEEi4kMkUPPggZHTC5rFD3n1LG4isepvtUc4Q99-H0rndG5irjeK6Oo7i9i9Vbz05I-hGGnVVgwE1fdv_b6sb8AjwNPy1vb8UJ1eF7ScXv1ktojJIW5Nt8sVRlcDW0Iv1gdJlaVEZ4QnF0Jc66Kk3Q_3S1XJz3U4lJF9dbNXRvWEiyqadrn75kgKrpL1JY5HPiQ_gekAOP6CchiCrg5FxsjYKf6L93CweWzgYk_zA0VbdsDjzy1YJLF1U4Bjidcs2IROHGWJhCdBtv6Ay5ApCnDKGztYtIEeT3OwvI_1CyzH8MuTSu7TZABQlAOJvDanAGpPHyig2v2mHKt4QEMK64kFpV9KM3cADps7wolaIwe-eWfrh7dKo673k5y2O1KP7ZPU8nnSnHAZVms3NW6fTlYNMvTZYisoTZis38EnZZOYtNOA6DtreuemxLsML6Z4quhWeg0zWvBX1crGJXgeFdih8GHiK-l23S6NtdKk-TOsUuGj6G7Zp9nYajhA3ysPSrZlZsfwkKRRTG1nCseGjy7lJmFt3abL03VW2Ceo5Y5lR1AS8SIJH-7F5YhqlNQjLW6BznPShPPgFMg7oNFFPLO6RxGvJON2I8EPwNrrImwHjVw-Ul68EaMKfrAgBuLwjRpiyl4ppK04DilpyDjqginINqkT6rrQaNpJKgaR5P7Qe5GnMyIcyG80bZreDWE5mjzT9TWSBKR-bIGsfQAdh_RfaTeDj2rPwunx4PXe8wijMsjGkoyOR1UvrWGBZoaYgcFlY0leY7Sq2mS81acQ29TiddAB65kiypifbOtwkh6kJtRQNnpxoZcs7GkgtT4vUUyWfp_zrWiHohxVJkKvNm8p8e4cf7t4iWWsIcN_1An_AnW_6PaxKF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://mobilesafe.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=48814f395ccdcfb1dadbd527ba2dcf20

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Download%20Differences%20Between%20Offline%20and%20Online%20Online%20Casino%20Gamesgyola%20pdf&time=1653688040515&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.file-upload.com%2F0z5hcow6htdc&random_number=18739832659&sess_cookie=5184bf36181077cfc4130d0e510&sess_cookie_flag=1&user_cookie=5184bf36181077cfc4130d0e510&user_cookie_flag=1&dynamic=true&domain=file-up.org&account=dracm1a47E80em&jsv=20130128&user_lang=en-US

Domain: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png

Domain: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1185848224&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Differences%20Between%20Offline%20and%20Online%20Online%20Casino%20Gamesgyola%20pdf&utmhid=833013717&utmr=-&utmp=%2F0z5hcow6htdc&utmht=1653688040553&utmac=UA-42931250-7&utmcc=__utma%3D184767038.1947247230.1653688041.1653688041.1653688041.1%3B%2B__utmz%3D184767038.1653688041.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=662425283&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.com
URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freychang.fun/	1970-01-20 11:59:52	Name: csu Value: 1678972109419286@1@1653688035
www.file-upload.com/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Fri May 27 2022 21:48:19 GMT+0000 (GMT), path=/
www.file-upload.com/	1970-01-20 03:21:28	Name: __PPU_CHECK Value: 1
.file-upload.com/	1970-01-20 20:52:40	Name: __utma Value: 184767038.1947247230.1653688041.1653688041.1653688041.1
.file-upload.com/	1969-12-31 23:59:59	Name: __utmc Value: 184767038
.file-upload.com/	1970-01-20 07:44:16	Name: __utmz Value: 184767038.1653688041.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.file-upload.com/	1970-01-20 03:21:28	Name: __utmt Value: 1
.file-upload.com/	1970-01-20 03:21:29	Name: __utmb Value: 184767038.1.10.1653688041
live.demand.supply/	1970-01-20 20:52:40	Name: demandSupplyTi Value: 76014bc1-23ee-49fd-91c9-aca2adbc67fa
.mobilesafe.shop/	1970-01-20 20:52:40	Name: _ga Value: GA1.2.1305499913.1653688042
.mobilesafe.shop/	1970-01-20 03:22:54	Name: _gid Value: GA1.2.1434034108.1653688042
.mobilesafe.shop/	1970-01-20 03:21:28	Name: _gat_gtag_UA_126662314_1 Value: 1
.mobilesafe.shop/	1970-01-20 12:43:04	Name: __gads Value: ID=a91baa484cefaa6e-22e548d9a0cd006c:T=1653688038:S=ALNI_MYCm6H6UhZarxCWxwCiuhkZqbFpaA
.doubleclick.net/	1970-01-20 12:43:04	Name: IDE Value: AHWqTUnzPnNvf_7v-ci8F5wjrIFhnIdkmO-ElP3Xbq6QNuQ554knvdBl5PxfjcZUhrs
.casalemedia.com/	1970-01-20 05:31:04	Name: CMPS Value: 331
.adnxs.com/	1970-01-20 05:31:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>1K4XB0!@wnfH8K6pQK`!5=E<*L5?%K96Di6>Y:xCfeDOepi7iX@78?/<>zJj5i7(qI%nugO%v4VB%nm?M)v^M.
.casalemedia.com/	1970-01-20 03:22:54	Name: CMST Value: YpFG6GKRRugA
.adnxs.com/	1970-01-20 05:31:04	Name: uuid2 Value: 3107702857432031063
.casalemedia.com/	1970-01-20 12:07:04	Name: CMRUM3 Value: 2d629146e82760CAESEBg27TjYKCCC4nAyyLl0png
.casalemedia.com/	1970-01-20 12:07:04	Name: CMID Value: YpFG6IlIX.t.q2fRgI4X0wAA
.casalemedia.com/	1970-01-20 05:31:04	Name: CMPRO Value: 711
.6sc.co/	1970-01-20 20:52:40	Name: 6suuid Value: cfd5ce17e9490000e8469162df030000131a6300

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://elementalantecedent.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mobilesafe.shop/ Message: Access to font at 'https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://mobilesafe.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
cdn.id5-sync.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
d26adrx9c3n0mq.cloudfront.net
denknowled.xyz
dinterperson.xyz
dsum-sec.casalemedia.com
elementalantecedent.com
f9fabc2ea41d21b1b3d0e58809986237.safeframe.googlesyndication.com
file-upload.site
fonts.googleapis.com
freychang.fun
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
images.dmca.com
live.demand.supply
mobilesafe.shop
pagead2.googlesyndication.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
t.6sc.co
tpc.googlesyndication.com
www.facebook.com
www.file-upload.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
certify.alexametrics.com
connect.facebook.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
ssl.google-analytics.com
www.file-upload.com
104.16.133.22
13.224.194.94
13.224.198.13
13.224.198.65
141.95.98.67
142.250.181.226
142.250.181.237
142.250.184.194
142.250.184.226
142.250.185.104
142.250.185.106
142.250.185.129
142.250.185.162
142.250.185.200
142.250.185.98
142.250.186.164
142.250.186.46
142.250.186.70
151.139.242.29
172.217.18.98
172.217.23.97
172.67.218.221
185.33.221.87
188.114.96.3
188.114.97.3
192.243.59.20
23.35.236.247
31.13.92.14
31.13.92.36
46.105.202.126
66.29.132.14
96.16.137.162
009c344e95eee025f583be0f793ab91b2b2e27264b41e9063b2d8f369385ff7b
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0742bc687d6f504eec78a16afdda860a6423cb06cda1e823dea507c6953add67
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
10b3562f513d11315be34fe8d56aef262a2bb7c6382cec640668c3af7b9a0cb4
1182f90410312af4f0a05c97bf87eab9e2c9864ee8c4bd2a01a07f93aa60b93c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1a00c9fbc7e14c7b6c5c7c680dc34636b485a24a8f9918f4c8b19d1aec5e2497
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1ae19d95522e7cca3a9177e0fb1b7934d3d8c2c209620eb943432834ac2f7d12
1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc5012f2278fb767667239106bd728095562596632268a66639647de00086f6
349ba3b26599cfe380809dbc57ec5ca9e4949957a3ab61df2b98a5801dfa2b2e
3674a25aceac2bbf4b658d32fd95afa91939e44a5e009d3589a971f3b6b104a4
37937eba2e884b89c3834d9b1dcc04149af224536cef0fa99bfc1670b395ee78
3aaf2e13cf108f1df8d17ba7d00482f1c977a219b7d969c202ea99637946c98b
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
42f20329844d04226ac3a88758a9df700bc60b48655d3d3b0a43c003db378083
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4a3608db38e76aa284d305e7d9022b02b38c765d1436a9d9f969b67c84f55a43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbf0cbfc7c5f0ac335b2cc3cc19fc52804c13c73176ad47745cc1cdcd109422
4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e
4eb99b71c799707bad6162b4cf07ae0246fdb67b80ce0d175da13457fa0d154e
4fc649acdde3f000fdc39f0ba662ab1dd480f68ef49180e8b6498cd46b32ba93
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
536bb4532d0c6d58ba8a1e52828c2f9553fcb40024626c44d73d08cece2e6aff
548270ca489c627c8133d2929da35235302889a6210b56c216d1c27c1ffad5e8
5516590d2761290bdcbcaf2be9f79ef41810da1d197ea2fc0b23fec9093941c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
58dc2cc80ad8d6fd73e30563bb05c80bcedc8144d7bc925ef8928acf08b22c2c
5d99f68e77d63afff1b3d1f6a45dc7148f759365048490bd8909f0867c641d02
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f975afe5fb91a81a226324eb36cb46a645b82be843935e240a5d22fa2fbb8ba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77
641d57ba11db0160099817a3c822a1b5c1b96822d1838e3cb46a06780c656d8b
658d602d0e112e2f85d0099b46f868f666c530008b6d455acd7eb5a5ea317d12
672c7ab8240c35a6eeb4a4014102440532733269059ba09905a9da328da0bf3c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75f044d18ab336d679054d3fef48dd77f16f5b08b1e81ccd5b1efa8af53d48e0
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7db0fff82d0380709df98b2ab7fd5285dbee6f0e492b3ce3d444c41e9b6a2379
8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a885929fa3088e048ad2595147b8542ad41d59f882cf61c46cdac8e98811a79
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eb7bcfc3fcb80c29ff183bc561fefb385db9ba1875e51f7bb1d3baa341b2f88
91ef8b3ffe285a49b1face6334b421f57a27a56feb2ebbfd5727b4b5374816a9
9504f884efd19e67d926df48df35ddb6256133eb76c6bf14c0c073e550a7c83f
9648abff3636c299c07fc316a48793c09417c23e3344d2acc49415d302cd013e
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460
9cae783d3eb4b7582a2064366260d3d31adabed44a32a4f2150cfabf368ddb95
9e3944598905bf926d2597a605a850a1ac6984826411083e101c648093521f45
9e6bf537809c62dc4ea509ad18f90ca12ea69c61a663d9e5bf475f1605067fb3
9f13b8732f17856991168af0f50bccf89c94327973b6741f098227ae1640d5ca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
b0beaa956302a685c6eae5e9461b7aaf11003e16bed90483b096d7acf9add88d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b771a767034dabe8c8dc1a2145a991c7c26326c2abbcc37cb0111fba6a0ec017
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0822d781c63fd92e91a093e369bcfa60e92e8641c84c941f9762fdf1b1d36aa
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdf524ef16dea36e3df28439715729c1f2d8ffa65553a3ffb183ac9769143a13
d1a026f26a6fbc3f286c7e0c1183eee625c3dc2430fb2cc85a6a03f5fa4b6409
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
e207b1c9591e53b46e0f95cbfcd6b63a7128e125682ea4177e13e46b5294c956
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49fc56edee7bd58fb633b32bcfe0e2b49116d0c058c9d8ab514d50193ad5a8b
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
eae88b6ebbbc4dc92d253bd4cf6b7f5b4329c66cf0b160592f35fe52b252a1ce
ec0617e540cf7cfbbdde7d51ff5119156ad3d2a8c26dbca5f8b4fc3c9fc15dd2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1919246ee01ade237da0ee25fe4ef794d0b446f71330b3b5119286b249c59eb
f32a29cc858ac1034166d22d9f4c4cf3d7bdaf782091a385073c3acb3e534601
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fc1d10d0fc2760f6ae4a5947fe2a8ee0b86efa9c633d60ac26c74730af710780
fda5ddc616f50bd628e64124995b717da801228c7508fbb7cd6ce653bbf3564a
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

mobilesafe.shop Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

241 Requests

89 %HTTPS

0 %IPv6

26 Domains

36 Subdomains

33 IPs

5 Countries

2692 kBTransfer

6190 kBSize

22 Cookies

31 Outgoing links

Page URL History

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mobilesafe.shop Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

89 %
HTTPS

0 %
IPv6

26
Domains

36
Subdomains

33
IPs

5
Countries

2692 kB
Transfer

6190 kB
Size

22
Cookies

241 HTTP transactions
6 data transactions