www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/6d9hmgfexkiy
Effective URL:
https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Submission: On September 04 via api (September 4th 2023, 4:19:54 pm UTC) from US — Scanned from NL

Summary HTTP 281 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 52 domains to perform 281 HTTP transactions. The main IP is 2606:4700:3036::ac43:b1f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700:303... 2606:4700:3036::ac43:b1f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:4800:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
25	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	18.200.64.186 18.200.64.186	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 8	2a02:26f0:310... 2a02:26f0:3100::1725:e252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
3 30	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5 5	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	54.158.152.31 54.158.152.31	14618 (AMAZON-AES) (AMAZON-AES)
8	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.50.158.128 52.50.158.128	16509 (AMAZON-02) (AMAZON-02)
3 6	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.170.131.1 35.170.131.1	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:94c2:7e1f:39b:9367	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	52.193.101.23 52.193.101.23	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	18.159.70.92 18.159.70.92	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
281	49

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:b1f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.64.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-64-186.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3100::1725:e252 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.191 (United States) 5 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.158.152.31 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-152-31.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.79 (United States) 2 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.158.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-158-128.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.251 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.131.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-131-1.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:94c2:7e1f:39b:9367 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.193.101.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-101-23.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.70.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-70-92.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	367 KB
43	googlesyndication.com 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	189 KB
36	demand.supply live.demand.supply — Cisco Umbrella Rank: 39979	47 KB
35	criteo.net static.criteo.net — Cisco Umbrella Rank: 603 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10696 csm.eu.criteo.net — Cisco Umbrella Rank: 10389	497 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 943746	550 KB
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1635 ams3-ib.adnxs.com — Cisco Umbrella Rank: 7587	59 KB
9	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 426 mug.criteo.com — Cisco Umbrella Rank: 2631 ads.eu.criteo.com — Cisco Umbrella Rank: 10282 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11316 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 17186 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 19450	98 KB
8	bing.com 3 redirects www.bing.com — Cisco Umbrella Rank: 75	25 KB
6	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 736	1 KB
5	zemanta.com 5 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 546	3 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 405	110 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214 Failed	283 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 41	32 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 487 www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	38 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 169	176 KB
3	file-upload.in www.file-upload.in	11 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 591	1 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7689	87 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 659	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 752	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4396	651 B
2	acuityplatform.com 2 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1278	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	10 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 716	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 692	812 B
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4491	55 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	143 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14930	9 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 342	146 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 756	464 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3207	1 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451	713 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6964	552 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4642	613 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 348	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 791	715 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2071	199 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 366	456 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518	549 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1998	172 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50826	610 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732	2 KB
1	file-upload.com 1 redirects www.file-upload.com	430 B
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
0	alexametrics.com Failed certify-js.alexametrics.com Failed
281	52

	Domain	Requested by
36	live.demand.supply	www.file-upload.in live.demand.supply client
30	cm.g.doubleclick.net	3 redirects 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
25	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.file-upload.in tpc.googlesyndication.com 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com www.file-upload.org
22	www.file-upload.org	www.file-upload.org www.file-upload.in
21	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net www.file-upload.org 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com www.googletagservices.com www.file-upload.org
8	ams3-ib.adnxs.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com cdn.adnxs.com
8	www.bing.com	3 redirects 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	onetag-sys.com	3 redirects 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
6	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	b1sync.zemanta.com	5 redirects
5	www.google.com	tpc.googlesyndication.com 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com www.file-upload.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com www.file-upload.org
3	www.gstatic.com	www.file-upload.org 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com www.file-upload.org
3	connect.facebook.net	www.file-upload.in connect.facebook.net
3	www.file-upload.in	www.file-upload.org www.file-upload.in
2	c1.adform.net	2 redirects
2	cc.adingo.jp	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ums.acuityplatform.com	2 redirects
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	sync.srv.stackadapt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ads.eu.criteo.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
2	cdn.adnxs.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
2	adsdk.microsoft.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.file-upload.in www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.file-upload.in
1	x.bidswitch.net	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	cms.quantserve.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	rtb.fr3.eu.criteo.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	rtb.nl3.eu.criteo.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	a.rfihub.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	fksnk.com	1 redirects
1	match.adsrvr.org	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	match.360yield.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	tr.blismedia.com	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.file-upload.in
1	ssl.google-analytics.com	www.file-upload.in
1	www.file-upload.com	1 redirects
0	cs.chocolateplatform.com Failed	80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
0	certify-js.alexametrics.com Failed	www.file-upload.in
281	69

This site contains links to these domains. Also see Links.

Domain
www.file-upload.org
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.org
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-14` - `2023-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Frame ID: 0CB176918D641FCDAA4D0A744FF16F54
Requests: 106 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0E0C9C64AE0FCDBD18B098CA55CCE57
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: C593EE2337FA425D35645D121F39A62E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiUqiKI6ESHoSE050rmZJPazexQupUw0BPmvjiLCgBhYpkhQw11u4tBno-Iu-o4Q_D7-RrytmBWbn-mJZe3l8_0evad8CLexAw-ZYqEgHW3eV1Tci7qa2uMjqlXAM2noZm8k2WdNttY5lkWNY3746EtvJkfVgE9xi9x3FWJ9qIkjfvHtPJdlOIUowbrtY9P2qXVEcZkH4_MOOEm7RP57vyccpYC0hsgbEDTv3APSKmjD-dl_hB8oESC3M7D-M231PrYTajaljen8w-TgNoifrqm_VJPmoGXZ-piTz8AGefJKKTUEbJ8htULMQFt0P5jQSmotwtAUok5qlWfqGSuInfH6vnOHa6Ob2zhFjOtSOOmPKzhfe0oo-SDtgxwZVOESO9DR46ms2N7Zt6xOC_NuE&sai=AMfl-YSZPHSA9y4UMVH1fZd58iuwQGHZ90558jfL1sC724bCQEvU2uQRe1KENjSHVdjHKSZtSZhFBoYJ0NzHQwbFe3zlG8gQ2Usw_qHRsAyKOOQp1aR4de4DKI_rb_txSSp8wH2x9CPA7jfpSpldR9Uj&sig=Cg0ArKJSzK9_iITyB-n7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E75011FFF62A2A1848FBCB83C1C2B925
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss12_wZKxcx8Zjwd5nGNojmbRhng2rU5BqF6itH6yIWK6HYmDTduhFK6ao_A1rtkT9vLPxM3FHlCGwgYyvKTlJB7Hr1viJMb1Cosa3qpdTkJVLEVF0juBL7paIMxPwGlek3IB19JhY9AMWO6zmj2OaVQ5hjMBf_ZSlUNWRbCWPMg_RBjCokSZW37LtywUCLL392uDlGh2A0gw6RO0QLGOa7AFJIwgnnx3LXwhUapIW-dLcykzFmnmyfQguo1C24RpHvlIw8k6QzDPhuK5FYHNd6ld04YR45tFbWKF63adCPbi6KwsT-dIDMHXKmbFoWv31rV6wx0vitc79TskrB0UCJjG8_o3t3di57k67wKejH_qzT1XK6LZbkfJ2dZjGzalM1STVDwlp38b6HcKaptQ&sai=AMfl-YTxnvxRyYUZXQI9sdLG_tp7R119HertvfAT0K9d8TuP73kk62p1ULdhkq1aKdmKq5OMyRxmAuEHeQZld1k9u9SyH32bQ8QMdwAaGI8HIET3etRLFJInIUP39VhMVH7xJjm9XRFT5RDyWONZ8sg&sig=Cg0ArKJSzBzffjlT-uWSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F378065EC3971E905D9C431AAC6D754C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx30lk9cBmZGj9jk_ZVOAx7LdB5Xp3XoNHbwU621SSdIRCA7wjtHs_G5xcBYNUPBI6rUQOHa6cgduDCloUW5wchpT5vK8FuT54WsFTaI9Ootc5M4W7whQrwvy3Oa3rlCcQjzSjd6ClveGTR2_wBALiufVXiXvV2xoK8GoPMHFC2IulHmcIO3xtrIuhx4e3lx3Pj7lSIEjmeqo8RAW_ad_VrAw8pC1t8_QhOGPrfIYLARAJm7dSkdzpO186cp5IgNXwUg07TF04n6cmK5vhTMoVacikKgF9H-AcBe48nIbkc-0fYYWWD9JXqfYUP44wppVUgvpnIRCkrnLC3Je78RIzTijZpnm6-T7TJu3Og2hggAI3mCodI4F8EfLO_UxQCI9WCnLJK5NHiCNh5p5wzag&sai=AMfl-YRH7gWs5tyCE0DTiJmS-x1o6NteBoFNZOL0vnKpgEXllOOL1cTGS2KsPs89Os4jq1xzFhIdBRXzLWm6ZDwkiyEI-uik0IJo9O_KRcDm36uOF5ZIvGTXv2tv6zD924wyR1eI4MeQsEOOKCOxzec&sig=Cg0ArKJSzLDjWcGAK3LlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 76A5898453EFA6803FC2DF8F8FCF21EC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHcYKxMRmsrmhS-YGrZyyLCeSRQl8kO8uqnkfloj3aaMq5kt8_llb2ZhVs2BDXDij3R__GDeHeuotBuovlgm13M7-ClMlzCT3o5DApfpmw54a2XyG5zdAeurC3YmguS5pHoUTrJaMJtqN7G5bRDIaDV6-KRp31DZc30B_W265G6ib4I4u0wdjGOGIQIsplIO-hhqgofStKK7JmPykqaEHDRXOUyKEbul_fM_-kaWAWKNTznQs_4OQ7lLW-9ByPTuSMbjHEmZ9fWsPPW5Pc305f4JRrwc4yBBWJ3dHybWEFUa0_oveJaiNheKyaFidINT451TmXMqcTy32rHehjGVyXXVstppS203bR1MUDUrtWh-chF1ZlHPwidQ-MRodWygxZq49IJNhUIuqgu3K5qkg&sai=AMfl-YQCS4NlIYVutfC3eq5_7cyMLvLBc6Cg2_1--8fnU4RxJwn-AFx0v8IcI_bbdtYPynuuN2ajFIawM0r97WKLU93Vn8DGw_yMA1heCMJGARXIyYNYuC5z02Mh47KcQNdRjp1pyrOo9DDXIFp7lbW-&sig=Cg0ArKJSzBTAxiDyWHOLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 39105E5A3295F7958D05D325A5D08165
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: C52B1955265786B28FA086AF306D86AD
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A5B934F981F26236F99F808AAA11332
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 687F48A1BC0BCFD4EA5AE0D286227429
Requests: 2 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42092CE15FB12E05BC1DB2EA64427348
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_hcZeh9RtF1veBQBoKuF1vATTVwgZXijxv-6Vh65C7KiDrqcQoHh7JXlschdQBnr12L3fdTFDW3_l6MJm464XNSI-yZL-ZA6sfido9uVQvcNGbbxgRd2yKGReulXx7ImHx647vldS1-qt8P2rsPF5cOyZHzdqxpEtQyXwWvXT5g6mtgmKOHNvhbchy3Ch-5ZDnAYB7zyVD_wJtwQeJl2IjMA95dVE7vWCopL6X4IQQq_6bRLsPzPURSMdAx9z9X8KG6t0joRgHkmweiz1yiVRD_bdthbKbo-9XH9aAcz0Ov7tY5_I9YHHvIQ8z120BZAXPNmgzRfjTw63MfwEcn0qAVzVGu7r9hdnOTxN4ZHGwUCps0u9GZsiNCcXyH2-iAMVG4MWvQKuOlICRkMYkg&sai=AMfl-YSmHCpWIdSsWLsdVCp0E6BVyIE-FWUdIs7ZfQxmn_GOUquM-b74Pi1smmww29nt8qlZjGkKoCM0gAMnZcaaB5WmUebto8FrdDay528mkB9Ox4MQgQOpYABfufIaOMU&sig=Cg0ArKJSzIgfr4-QLMG8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 392AA0F00F3CF5C1CDE39AC2D7870281
Requests: 2 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A529F922E3D9900F433366BE298B64C7
Requests: 16 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 883315751525EC4F1E317058AC2BA07F
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAGaf8Ke7BLAApYWxQvUruLx85LvlOpYw&u=%7CwCdKRJ90J4zqICv5bElENPKVqDRTXRq30vIVrhXxcKw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrOFfqM-mAZrj2vHtyh6vjabVR_Ni9ydxafQmPtQxC0_f8Kq9liZDoX-aqmVRVDIHzLYhgZljJtnNssuYjr4-OGJ28jHqLivz0HvXYiChDxmvS0SU4JtFtWVRyrA_I71L7LqWEHn5jQ5wsCqAvsHzP65FPBLCHkOqreNfMHR6G1CnFzs0bWieFWZAUybKY8OkwyXPoyc66PjuovbreHB2Kqu-xKLbDu3XtichGoECXMMj42WPfDTW1eaK7FNTdsFJCU2MyvddPfJKFUmwxTmBPBbGso59Bf8X_HQ-sXhzEFbdNvW_1NW4XLtE-0GnVggODJNNV6zjbrEvkXLcTcchdbm1C1i0x4vdrB92ob9do_7U442s0EqonIJO5A-KVZHZIFNqXfg5XyXUU7Pk65GP6PsN7qZWmsNiAYda2kljkkbig4LRObIWo5VYKvoT6R9kWWnkOtVQ0Dt-r5ZVAAAa3B-RWZKnQdytpsu_oTze-nElUU8UMI1EwZWC77nEhuOXqf1qrNT12F6Q_fVlP_cxn_D8fsTapJdP5D9picFWXuIhE18vxj_7mgAJ8eIJ7uT2oXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy2u7owP2ZP_TGcvg7gPbsKngCcme0rFcpfyT93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQJVJj918R2yPuACAKgDAcgDAqoEvwJP0KyN0optg2WyTVlnmTePmska1mklO0rJFtrcDdIZPcb8vBbNSY1S7pS7wCoJ4fMFMw9aESkbT4Fin_K1zpgqG9YwI1CPw0ivjlOoIP3Jbv7A-X0cylmF_cwqPuDTfx7mrnLXbLqRVaLIycPFPxA3N8OZ0EILUQ02-lG1dzh1IHm6ftpZklscFSTGIgywsoVp9s7ZMrMQXVjYhe24NAGv1Y3jnFa2MM5fvztPftTbbumN1_E1ErJEtN8SJGQ5DlUZBTSYdt-8TnI4CaKGcjXvl9erNe2KtccNvTnTfuc57U6kOIGEAHwZIqRl-7s5ANpbahw55gGHwsS-DmuoIHxotsUNudbzIi9TxkMi0rTTjDwp8AB-IYya_wBmkQ2EFrq8o6x9keucfGHTaRFD4QbXmt0n2YalIP0eBqOP-b494AQBgAaJ4azD186-4H-gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ev9k-b6NODU6K1VulrCH0dzPFrA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 1F505C3DB08CFE796899C012CAE8642F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9CEDF7CEC2C9FE7D35C883B7ACF0742
Requests: 9 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A472697A6928D059D84808C3DE5AA72
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E1E0E2D25C04FC203D6D339B2383F5D1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD4620FBDCED7EFD3DE33015F6A54E9B
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAMkzQK4CYSAABsefG3UC8XoWfcyGCTUw&u=%7CwCdKRJ90J4w8F1p6h3g4dPRNB5lsBbs0ioOxTQfumaU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrONGvug9vhXrXbXNkanDX9C6l7IIAqT2M7jMtmsGyKueLy_QKr0uleDMzYWgPt3dFwkVrhp3IXjjqvjPVjGOiK5bjlAa2y5wC9yH-_W27WDpjGQRgpt0ZSWp7e_d5GnGONAra539Fd7ERbsAOqPTCpIm9Sp1ht-QQ28YSIhOUf7gXn6pFmExiXVkI93eqinqN6TFc-GUVpNqketBYLwS2ShyBmBzSq2q0dC32CLuLiGDHAwIDxmygwb4uzgrNwiHdi5A7J5Y7-9aRphe0S89uS-CK9dLHA3qdVJN6EuFNQoTfL43hrQbFGM_5v2tp8M9yjlDkqTCi4B6XEq4YiMn6flSFwIhtNaLmtrOh_LeYrKdBS6IoMPtKt3Fj96kckPjuPAJ9xiAr07LxUa03Fe5IT6Qgm6p3FKE6lTtwDAFa4wQr6XuDooHkqWU9VxWs0HfpSUgM-DcXUsp9oQZdj-_AJIcFfCzWBLBYyZZbUhbl5y3DG8tJMXplUtlz-geLxmugSPRmmBSTbjogGPRSL_sfwqv1zQguSNzhKpiQCc-wW_3nbIRKiAScfH0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3a4OowP2ZLSmMpLMgAf52IHQDMme0rFctZjj1pMBwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCVSY_dfEdsj7gAgCoAwHIAwKqBMUCT9AY-iclC9NygxCL89n6oa7MKOONomuzVzrSreEHORIeli-WczPlXmz5A8vxiPwdUSEE1Q0sCJYN4UKSwTWPjt_WV91W8je2iwiO2MlZHwW6nJxS4RcMqlFhgcCuURyFRiEwkUEZ9sNowi1xZmp0DDP_ODoNpAqi1GlxuEXAx9W0FTyk2YorUqIEPC1i4h4UxyWQPfbX63RsZcPzJ1YaORgeoRep-jUoF6hTjS0-EtlDlQz-M39eqGp6MKAgNsL3Hpi6Odx9_PdGhAx623IcF7XcdlpzB-RPhptaSU-7V8k0OFFQMd-dwtOCxGLMEMnsCgy3sYLvGlGJmRKdZTZKcvy33Kba0Y7eOY6Jj8r26yxQ3ZavtiJeWaSx3RWPYUsCj2nPwNoHe5XT6NtE9ZO3Vz4ysc3lD-Gklbsb8geab0qluRpCtuAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2B8kDrthvAMmNcqX7NQCLObSLeag%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 7462F35A1A96C86E4931D10F983199AE
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF4DE35FD93E080FE05EC2A231953F97
Requests: 9 HTTP requests in this frame

Frame: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E78C7B3EEBC12438A9962A831EB217A
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 8B75CC1DE6589E73CB1021E73B535A28
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45F0624D8056BAB13496E614902CE7FD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
Frame ID: A21C4D8878B4865A03087C4C5CE280E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/6d9hmgfexkiy HTTP 301
https://www.file-upload.org/6d9hmgfexkiy Page URL
https://www.file-upload.in/file.php?get=6d9hmgfexkiy Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

281
Requests

84 %
HTTPS

50 %
IPv6

52
Domains

69
Subdomains

49
IPs

10
Countries

2792 kB
Transfer

6848 kB
Size

50
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.org/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.org/6d9hmgfexkiy
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.org/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.org

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.file-upload.in/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/6d9hmgfexkiy HTTP 301
https://www.file-upload.org/6d9hmgfexkiy Page URL
https://www.file-upload.in/file.php?get=6d9hmgfexkiy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/6d9hmgfexkiy HTTP 301
https://www.file-upload.org/6d9hmgfexkiy

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=x6MZOHx4T0VlYWNPbXAzZnAyTTZBV3ZsOTZEaDVkSDc5QWZTaWxJRmZyYjFBd0hOTTNRZzBjc1JVelNoTzE2U2NKWmZQTzdQMU13djRDeHJ5MHR1c0RrZ2VIMVhSZE5uYmN0U203dlZLL1YyTkdRUVVqVTBKSnljd29EU3hISDJmOTczdmhvNTNxWmFQWXI1MVVnUjhkSlQrNW5GbEQ1aUgyd3pZcjc5UzI5UVRGTm43Y2JiSFZQY1pEc1JrMzF0SnBoVGJWd0lOY2k2YXRpb1JHRlVOS0JkZDYzclVkRUhTOFFSZ0RvRUVSVlJRcXdGTktJd3I2ZGVRNEVTQlE5ZDhBS1dWRjZLOWhMS0xPanNhTlVYbTUwemU5cVI4ajl5MSt2K0EvaS9ycmpDNFFiZz18&cppv=2

Request Chain 128

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b4636fa6-3276-495f-a882-ac7809cb52d8&bidId=5&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7bd3e9cc-07dd-410c-9e44-5dc7761e8a81&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_5-1-0%3F%26RG%3D0b249784abf34060a1abdae2c44a3cbe%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=4941583905304463806 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_5-1-0?&RG=0b249784abf34060a1abdae2c44a3cbe&SNR=1&GV=2&med=10

Request Chain 138

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=de674624-a80f-4560-9315-471e91889062&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=63d54b16-4fbb-4741-97af-6acfe06547de&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D95e7c74b099b4cb1b7b4c035ffc37d5e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=6574023346369776025 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95e7c74b099b4cb1b7b4c035ffc37d5e&SNR=1&GV=2&med=10

Request Chain 152

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFQ8FsEPQkL9NgvNaKO_-uM&google_cver=1&google_push=AXcoOmTsqsrRqtfQRdziIMoTYda9dBafz3vXG3nVuhxwwPHhcwyq0YJU3XbcbkbvWkKVq-zJu-MgqVv23GC8Y2_dNYseOAvfMjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQ8FsEPQkL9NgvNaKO_-uM&google_push=AXcoOmTsqsrRqtfQRdziIMoTYda9dBafz3vXG3nVuhxwwPHhcwyq0YJU3XbcbkbvWkKVq-zJu-MgqVv23GC8Y2_dNYseOAvfMjg

Request Chain 153

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE4mvBfHwqK1JXVA5yX2aBo&google_cver=1&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFTm8if8EKXduH5gGHU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFTm8if8EKXduH5gGHU&google_hm=pSa1aKbdSvqmKtCtb7WjLEg

Request Chain 155

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEGc_PW6eHjTHC0MQfSo97e8&google_cver=1&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwHDnHGcqLUALN0pp5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwHDnHGcqLUALN0pp5Q

Request Chain 156

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKHRsQkrA-mEX_JjyfutnHw&google_cver=1&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKHRsQkrA-mEX_JjyfutnHw&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=

Request Chain 157

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMl0GAd7Tf8IQh82-4sCfFg&google_cver=1&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fmIiTnhfGM2YEhk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fmIiTnhfGM2YEhk

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIiRandhAc4DVdq49JuLUfI&google_cver=1&google_push=AXcoOmQzz_6T8S8NSNFDu-RevhumFh9ydcEIm3ERADXK4BMoS00Znp3RORPU4-ovaCHMJN8Hno7PShjm4kfoWOB6vXVday5Otw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlBZRHBBQUtrTjZyaGdCVg==&google_gid=CAESEIiRandhAc4DVdq49JuLUfI&google_cver=1&google_push=AXcoOmQzz_6T8S8NSNFDu-RevhumFh9ydcEIm3ERADXK4BMoS00Znp3RORPU4-ovaCHMJN8Hno7PShjm4kfoWOB6vXVday5Otw

Request Chain 203

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEF0PdlrG9Lk1eo6V93pa3eI&google_cver=1&google_push=AXcoOmQ8c6GSVdF-ibPXjZ-TvdIbbNGFEDyq5Cd1dGcJewkmP6YpeI3fW5ekSsz3SdMpVufOol9fTL1p5Ol4sJn_4ws0rPq0lhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823062131015

Request Chain 204

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGzq0QP6vcOgbSRQyFYrwbA&google_cver=1&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6nLIz1hg1-hA5o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6nLIz1hg1-hA5o

Request Chain 205

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJHXOwvRTvU7agrii4akIXA&google_cver=1&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8GqCgZUvp57BY9leIAMjiJChs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE01MzdRUTctRC02N0gz&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8GqCgZUvp57BY9leIAMjiJChs

Request Chain 207

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENMZ1amGzgKCqG5nXWykOYE&google_cver=1&google_push=AXcoOmRNrnjtmdqKYPvNKJ0a5yYlNs8qZn9qvVfi9lwo7nYbZJvkR2kHKpXQiUOJ8vqm_Y7xMJBaKXm89vIFyqV_ZkoZI_tWYqJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRNrnjtmdqKYPvNKJ0a5yYlNs8qZn9qvVfi9lwo7nYbZJvkR2kHKpXQiUOJ8vqm_Y7xMJBaKXm89vIFyqV_ZkoZI_tWYqJw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 208

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_cver=1&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3 HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3&google_hm=UFc2eHNhanctY0dYZ29aX25XUUg=

Request Chain 215

https://um.simpli.fi/gp_match?google_gid=CAESEEGHIlr9Uy1MQ7RYHeH-9cU&google_cver=1&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQiJRaY4ZDua02KCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F23D479F8146E6928D785344F7C7B7&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQiJRaY4ZDua02KCw

Request Chain 217

https://fksnk.com/cs/google?google_gid=CAESEGM--OLrlSUQCzC3HJ3RxSY&google_cver=1&google_push=AXcoOmSPhoYx9MjOYaKNkBnLKE6A_0DWgk36xEbI0qIbsa67Zpq_DZNG5nIZQmWmtXXCbVqv_LKMfYU-vkymQNT8rL_fJw6ls_zL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDZEODhERkNGQjBBOTFGNg==

Request Chain 218

https://d5p.de17a.com/cookies/google?google_gid=CAESEHvW5dDfI4ozNtF_BbyPgAI&google_cver=1&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHvW5dDfI4ozNtF_BbyPgAI&google_cver=1&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g

Request Chain 219

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5w2M2WDNZk_ZWl2E9qLjE&google_cver=1&google_push=AXcoOmR5lPoK5I1UW55wboTu5wU3it_FJU2R3JXEkTxpxEI_UcLUsHJOFqBRFW2_sN1162B9IjXOc0_0_jcJh1cp0ju64mQgMzzH9g HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5w2M2WDNZk_ZWl2E9qLjE&google_cver=1&google_push=AXcoOmR5lPoK5I1UW55wboTu5wU3it_FJU2R3JXEkTxpxEI_UcLUsHJOFqBRFW2_sN1162B9IjXOc0_0_jcJh1cp0ju64mQgMzzH9g&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Dvvi3AsQru0uglcHI-wGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR5lPoK5I1UW55wboTu5wU3it_FJU2R3JXEkTxpxEI_UcLUsHJOFqBRFW2_sN1162B9IjXOc0_0_jcJh1cp0ju64mQgMzzH9g

Request Chain 220

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_cver=1&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-CeCbs8iTQPh8PpnPwWu0Rmooo3A4FJNN1lF74ts29mdIDTXOWeXJgFchXk8QgeuqA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-CeCbs8iTQPh8PpnPwWu0Rmooo3A4FJNN1lF74ts29mdIDTXOWeXJgFchXk8QgeuqA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_hm=ZPYDpCiaQtHv5hSIAr6k7wAADHIAAAAB&google_nid=index&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-CeCbs8iTQPh8PpnPwWu0Rmooo3A4FJNN1lF74ts29mdIDTXOWeXJgFchXk8QgeuqA

Request Chain 221

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_cver=1&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15HbleHafw3W0qujkmyOEgqVFQCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15HbleHafw3W0qujkmyOEgqVFQCw&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=

Request Chain 223

https://ads.travelaudience.com/google_pixel?google_gid=CAESENERlGVBKTGOO-voDmmZ5Ms&google_cver=1&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41HwxulIhX5CzOg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_j1oV81ZRZiNYA3WgzwCjA2&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41HwxulIhX5CzOg

Request Chain 224

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMpY8vwo_7YN2L4IvYRxTLQ&google_cver=1&google_push=AXcoOmQfsA-RXQ_roKL5Ow71AUKklw3Rn3BAIHSACL3l26onvGhfPFs3csoG6FNBDUwkEG-xvvm6UjcgnvSS5D6CwyoHkxdb7xU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823061997264

Request Chain 225

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJjBNzMOr3sQUDCFan-R6mU&google_cver=1&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZFAW7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZFAW7I&google_hm=eS1tNnFEMnpCRTJwR0RubnF2QjJXdmxWRVlLQ09xMmYyX35B

Request Chain 226

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGEIWHW4-zLuMFi06xUfaBM&google_cver=1&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGEIWHW4-zLuMFi06xUfaBM&google_cver=1&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc&google_hm=HRATsGZHlufqNKKVQmWuod9X

Request Chain 228

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOQrUQoGkvsN2sxy0ORtjpk&google_cver=1&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQrvzMMD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQrvzMMD&google_hm=MjI5MjMyODQ2NzgzNjAwMDI2Nw==

Request Chain 229

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEInb9I34Ix8CVjOLpGJgyvk&google_cver=1&google_push=AXcoOmRiNftLmt5fb5o287V0y2XOOQ3R8LPrQ357yWt2zx8vDZmjdO71FCJm7uFpbqTkkm7XrHW6i4tKb04FDs91kL8qvknpc6M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiNftLmt5fb5o287V0y2XOOQ3R8LPrQ357yWt2zx8vDZmjdO71FCJm7uFpbqTkkm7XrHW6i4tKb04FDs91kL8qvknpc6M HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 257

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b4636fa6-3276-495f-a882-ac7809cb52d8&bidId=5&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7bd3e9cc-07dd-410c-9e44-5dc7761e8a81&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D0b249784abf34060a1abdae2c44a3cbe%26tids%3D5%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=4941583905304463806 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0b249784abf34060a1abdae2c44a3cbe&tids=5&med=10

Request Chain 282

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENSOT6ULpHZl8yo_mCMf5Uw&google_cver=1&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp8vzK1gvMFCQO3Zcyt6asSA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENSOT6ULpHZl8yo_mCMf5Uw&google_cver=1&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp8vzK1gvMFCQO3Zcyt6asSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzNjU1NTg3MDIwODA2MTM3Mg&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp8vzK1gvMFCQO3Zcyt6asSA

Request Chain 284

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEInb9I34Ix8CVjOLpGJgyvk&google_cver=1&google_push=AXcoOmSZpJY31WwkvDLsQnJwdquECuCpATK_EzeyR2RhfVe4fWNnbrmdN8WrQWyR8t0x2am-kT1C27KvlhKLR4MBYPaIZFK9qvZK6jY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZpJY31WwkvDLsQnJwdquECuCpATK_EzeyR2RhfVe4fWNnbrmdN8WrQWyR8t0x2am-kT1C27KvlhKLR4MBYPaIZFK9qvZK6jY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

281 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

6d9hmgfexkiy Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/6d9hmgfexkiy
https://www.file-upload.org/6d9hmgfexkiy

28 KB
7 KB

131ms
65ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752a4d6923e2af9a2206286972be61747334b59614972b2c18c1a846eaa66ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80178e5409511917-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 16:19:45 GMT
expires: Sun, 03 Sep 2023 16:19:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cunLdTWH2PLnBymq9OHoNLAt3oMkYm7rcAXH3xJAfR8pPD7prACVr1kRsyYQHNaW0LQ6oDTLIo4DHjZxMtWXpJdCp4vIZR%2FmNkpQQvRTXNZ9MsIPk8pyJm%2FbQCHFUxOHh4HhuIo897xdxWEOVmvt0toL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80178e534db14d7f-FRA
content-type: text/html
date: Mon, 04 Sep 2023 16:19:45 GMT
location: https://www.file-upload.org/6d9hmgfexkiy
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlOB7BI1kKJgzoi4d3oM%2Fufrb90uSsFwDh2XV7YzUdObaxqiYnFyfCKEdPKNEwBs7NGep5i6Sw0ANRMJ6HVvVhMyYfPe7ny243eWU4ydSDnlqQ4NAs2ssgntSzDn4FT7%2BgI%2F3TrU"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 33ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588927
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ3kQXoYwkoC%2BqIsb0Ez7Hoe0HRIdoMWOnmdgEVkwR%2F2XL7OlhTgYK5gMcJqEjl0%2FycxeJKm9gciR5Z6wRx%2FcI5VmSaia31cPvLN5XSoArCumE1l23cmelaRtV82jkfyfpPwMmTgmN8NvcviwaqywJXi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80178e5479e91917-FRA
expires: Tue, 29 Aug 2023 20:44:19 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 84ms
84ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vh92EPfccMAwoctGbhFilDoD%2FEpQKATxyR8JDGpoExKJDXJwyj0p6LWJvrM6v7Eg99ZBFuON0MMKiTeojeyVuP7cwGnkPdDC12EMWQyqYUfJds9gaCnr00rkRQvwUWbwpZkRU1roUv1jIFDBKL9itrzM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80178e5479ec1917-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 28ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3283998
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6dIbjKFlw5Hx2L6Te2sqBSlZzfG3xjH3BmFiIkkfNL6BiMaCD6f%2B3aQbRPLGlS3%2FnaqQDCTevWTl54YWjXrHal5O8A%2FrcR98XI4bSgiZ50sRFpI5fbu6Svo8ix30nrn%2FHbU%2FH5wV2FvAIBCJB83XGc9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e54eed83a72-FRA
expires: Fri, 04 Aug 2023 16:06:28 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 21ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEtHhu3wrMagBkgKq91S%2BjrLd%2BPgjAEZlHJECZiELDIRIua1w7CS3fRLt1X6LQBpZbwGkv%2BWInvbugJMHFDcawMMD4P10IHQ5qjfNlYCBGvdl3k0IhzUxeOFTrBcuDAc2jDNXg7lOD47h1vZbTIFDwr4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80178e54ba491917-FRA
expires: Wed, 06 Sep 2023 16:19:46 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 29ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280929
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL3NYMHYBOGww%2BuRK57JlzAqWTmhIB2ERAJNtWpD%2F%2FA2IZhGnRyTmSCJEBGYHyiuNyyKFmxNFpaWdJ64wP5XJ3CcTBWPg3GsjaJuyAE8X0KPpPUMqEmSGdSIkwyeKBydDy89eb6XcmzEYm5ry0AWnyCy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e550f093a72-FRA
expires: Fri, 04 Aug 2023 16:57:37 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 31ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280929
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er9qMX0ZmU8CcH10P1hfc%2FA4V81ZpfpFjDIApuol0T%2F%2Fz9dmSY9bV4ZbapUCCsSoZN2t2OQZc2t28K2pPjHL5IozGvLGi02dhaaRZjkx2jEAXvwmRAu9kgObhgEHReYIe5gUdW%2Fc%2BzlI6Hhty1jCOmXf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e552f343a72-FRA
expires: Fri, 04 Aug 2023 16:57:37 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 61ms
20ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693844386.cds262.am5.hn,1693844386.cds018.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 30ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3283998
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSIrsGFk56XxpqAoKzHj9gcitkCOjR6z%2BCG04SqpjLz1t8SOxmEoFx%2Bk0ILZWr54X4kA2jUitg4abXoRCzBSKAAPhIX%2FrN0SCFTPZ60aFJgD%2B85U6%2FUWiIQHLLU8SFPzGQXwhxPQa%2FatkWIPjmdTNVwp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e556f793a72-FRA
expires: Fri, 04 Aug 2023 16:06:28 GMT

GET
H2 200 Primary Request file.php Show response
www.file-upload.in/ 23 KB
7 KB 169ms
101ms Document
text/html 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1afcc5c70b28b373f47dcd88dfe777271d26151d0e39318f7cd43e47ab6438

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80178e55db8b3a4f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 16:19:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xF1zryNzolZ93XmYTb44Vrf7LhvtNt4x1w0yPOqZi7vN%2BAA7l1Ej1%2BECv4T124Ey0iMFZWD2aWlT0eV7ZLk7lpM6t%2BG8kEPlK36YsGouQ5dpa73Zvj5Z7TrSVgEtfeyPJfblFYmgEGvm%2FkNOAyUOWI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 44ms
44ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280937
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD9IFVCHX5yF%2FVA%2FuSFHBmW0NwtVD93zSyWxg9C5miUw1KDC2WD1XlBfSMFhkRbX2YCytDdI%2BPb%2BzRlJKCpLMQ9CGo2iOp4MjXDeKe03dVmu3TlrGJFpTXA7nZWfytNJhMC5FZ7tLvBrSkKTRUtKGFKb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e556f893a72-FRA
expires: Fri, 04 Aug 2023 16:57:29 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 28ms
28ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3697
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZp5meh19s8w6ij9a8ERK8Ae5foOBvBxn6wCt1R%2F%2B6lztsrTdJFJDk77WN1KX6gVEofAMDo1YMO8SsRGzNas65Z7tLSoSKKSObt2E%2B7Z%2FFbluxOii10gvMZjr3GHgi9jL5pyotlFXsQPN3UCGc8AdTCU"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80178e556f8c3a72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 70ms
69ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5872
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxiYjRZSsGE58pOIvt3DrJ%2Fj4%2BFoDlsk5LNdSMsNU0mywQuuti5Rmd5R%2BFpA%2BurbCI3sqsnnMAR3ZOcp8D9pQKACNOHRv8z6XVPryzk9ZOJbn1CF0NyA05eFC5qi8uDhbpzAQc6gHHqlyi%2BlfwsELhzv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80178e556f8d3a72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 70ms
70ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2771
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgz6CU%2BTSoGKc4TZHPZxxCmEap%2FVHqyLVYCi2P9eNgz6iKrNd33ydobK384CtG6s8G8W560d3NcWW8voJ59ClS4GbAL3G3mwIX6xrQReynwlvhFXQdxVZ8s4hOe3ZwNI48SYKFBaw%2BUPz9TMUMsXzUEQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80178e556f8e3a72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 406ms
297ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c294ee784e6b0ad4889483e8a8780d608a67cda75181f092230ecb7bbfa50480

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H913VYCWPWFNYCGAJQ61H9HE
date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 438
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80178e572fe091f9-FRA
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 blockadblock.js Show response
www.file-upload.in/ 7 KB
2 KB 39ms
37ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/blockadblock.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148998
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 11:59:30 GMT
server: cloudflare
etag: W/"64afe722-1c1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOeiupq8C6OfDNrmDceBlBqtuhgarc%2BxsDz%2BP1nQVTWbjGl03ARC%2B0Yumx5evk%2FRlJZd1qSqZkYEr03xln6zn7C0dSIGETGcC%2BHxmTYR9ChfcxJzCAw%2BNHlRI3BonvZV0RoEImi1Z4zvh6d5l4cRcBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80178e568c823a4f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 105ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6ac92b4357bb63adb38a8f43db7b3523838232140cdde9407b93aaf80fb0243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66685
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 16:19:46 GMT

GET
H3 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 40ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591996
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUuRzwtHu2%2BrICzggpKEALdSlj1K2sjydy8k%2Fi6PO%2BFec6CUG5JHo%2FJ%2FxM50mBkGD2DH6sDTVEWR84vKBsbE5WQbIU0C6BP7AV6AOUfq94wyhAblU4cedS2RgfWqqZTqKy0RiPtZckR%2FgsvgtBKuAP5m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80178e5688f03a72-FRA
expires: Tue, 29 Aug 2023 19:53:10 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 57ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f86dea02c0b2a7e3cdf955a4b405aa13418017931035c67197557617a42b6274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 16:19:46 GMT
content-md5: Xtfd/E3foYrmqJWuzVN+fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88811
x-fb-debug: bJfZbcRRC4or8yk1OGttHn3a9RNHZ3ideD5ZzYPHBFHKEitzVYsc1humvc5QKHQomZDd5zW+ybJEHUfSGEowtg==
x-fb-content-md5: 54443bf40d081a7b9c468fd7fc0a53f2
cross-origin-opener-policy: same-origin-allow-popups
etag: "32beec243048a7ce11b318e8175b365c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Aug 2024 20:32:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 118ms
15ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b305c29eca3f235b7a8c389fde3dfbf8f1dfc07dbe911b1a567b5c79c6394ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 16:19:46 GMT
content-md5: fBW6tWqv0MZ443nLL/QCxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: F+z8M7Ldxq+VXN5MBV7OSRHjWFL6NHcbLQnjI2rFCWfcAZ/WHy4WE6GNHW5CPmVHi6CnXNbxIywfj0S4GWidIQ==
x-fb-content-md5: d6bdc9e80a8063712d2d824084f3db19
cross-origin-opener-policy: same-origin-allow-popups
etag: "e5c4cb06f9a068a0f8d453258a0ff0ae"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:30:52 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 89ms
21ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 15:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1688
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 04 Sep 2023 17:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H3 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 93ms
92ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it%2FizUFNhnedDVo31O88Wh7zCUqp7lVPQNy0Enah1CD%2FOnnCslE%2B%2FefFxyTYMRfbjJ5viTa7AZKWueIzEWXU0%2FJzVfkfyA%2BL2IvhU17%2FbLQ4EaOL8t19L7zqgx4Bah0WLhWpkZm7Gh3UU8H0zpf36D4j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80178e5688f43a72-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 34ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3283998
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDXc3Y3NTNh1e%2F5Tluq0l2BA7gXFgLCnXccw0h%2FXxtlL18bhFa%2BlMRQtEorr%2FbgmZv97gmgNFVnNeB7vjwh%2F0MSj%2FsuG2SUb1xekBuSqoLow6IS07NwuqJUPJ4IGM4qOLE4A5%2FiDuRBuFmacgOmBwKde"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e576a883a72-FRA
expires: Fri, 04 Aug 2023 16:06:28 GMT

GET
H3 200 email-decode.min.js Show response
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
26ms Script
application/javascript 2606:4700:3036::ac43:b1f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b1f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUA9tHzvQE6GzQdK6PA235gs8v9yR4KRYjk26Cu9hjbf1pK%2B%2Fpf3uhDzFzvq1kXzz0SUxelinOC%2Fro8sXrlZB5BnPkj6VOGAqduwqqSJenisPAQpnfBWo9U2jyJzCXM0IP6Ot3ZaVff2N1VXj3Ua8SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80178e574c204db2-FRA
expires: Wed, 06 Sep 2023 16:19:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 88ms
21ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Sep 2024 16:18:49 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 38ms
37ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280929
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4BRaPTuB%2Bue1BPwqzKkWN0%2BUdO05W1sm53dwh%2FiBHJSOrGM0ySzUq9WMI7pQrpHIPnpUEU2dmI91JkAgpEjttHzf07u%2BpxQ77qlPexaH7jSKLm%2FTNZn9Vp4PxU9O6k8HYMnxxKP5wZ30qpckj2WPgq5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e576a8a3a72-FRA
expires: Fri, 04 Aug 2023 16:57:37 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 34ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280929
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7oUPsTekTQQBdUW9NvXY5vG7D2s1d8QW97dyM2Zhve9lvuMdkz%2Bpgs7GmiYfExRRGOAQN4MVm06Zt9ZRAu%2Blg%2FNJnORYFlcMsiVT0y6UFxC37UmGaNL0uIIZuIcbUvAxAeU5g2q%2B2IiGDt6cFkjbP5M"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e576a8b3a72-FRA
expires: Fri, 04 Aug 2023 16:57:37 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
4 KB 24ms
23ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693844386.cds262.am5.hn,1693844386.cds018.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 32ms
31ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3283998
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ox9Tkzqdk0mIFZe3XgdGLyAs7yUPiNLBwo8hohlD9PKSHd5r8uF6hwfCI%2F1WKqxb3xOpMMauSlVTjy27li%2FVDxUnwq1a1XGjPwo%2FVbYPeVC0wV%2FMG4rDiBIXThlXNxPiQBWPViBXvD0GMpuzkoHjBsb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e576a8c3a72-FRA
expires: Fri, 04 Aug 2023 16:06:28 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 55ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cdf03ef350e5f737c25c4d8bdffa5968

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25f609de169962e8f7c05c317642024695cdb8c008102fdb3f746051dab52ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 16:19:46 GMT
content-md5: 7UtRhndKU+e5rSFOwVLLbQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88939
x-fb-debug: kPJnEAApvzXcRDIzJjSqHHI2rRCEMvYf4dOLMVKaipo/SEaCtSgqpoyLc8l2aLD7W1Jwk1fSbWOQ4J2+GAW9+g==
x-fb-content-md5: c65b55d05f188a70ba1270ca73704dac
cross-origin-opener-policy: same-origin-allow-popups
etag: "ce5f85ddb2676d37284f5bbbee2d7f88"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Sep 2024 11:33:12 GMT

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 34ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3280937
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHqI5m5bKpxteNBKa06uAlal7S5WB78H0h9y2hFkr%2Buc4UUzXZ1xPgZ7MOu6XoWeja5t2I1GSfQ0BqcwPb1Q5d3aX6%2Fw1nkm9PSZOu2W2p5NTeNCs%2BhFwvjJapSIBJf7vBr966CgSuKeBSdxB23TKcQV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e577aaf3a72-FRA
expires: Fri, 04 Aug 2023 16:57:29 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 42ms
32ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862342
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUnUBRVF0GFVtd%2B3SSHudKGpuko3F8cgdaO6NstlWBHym7OvINqOniZlWHLoW%2FYakLzAALFiwBoPTU9Y3a2MFZLIBfvP46JX81DM%2Flek%2F12o5o3aNmGmmRNIWfzvT7tUMxq8EUeaKANStLcz%2FBLMMfzn"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e582afc3609-FRA

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 34ms
34ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862342
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dvxoypuOM5Y%2FPQ1318%2FOYMR2uzWQOmT2goNPskCPygnSXZmGJ0z8Zef36uOPuIukiR5qqCXxscS6Ptn0GJL3WR4%2BhPainKPgN66UsjTa77Ln1YbjhIbp6liVCdurYdYVB3OGbAPRI8zuZ%2FCm0hTemVr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e583b143609-FRA

GET
H3 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 32ms
32ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862342
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8rWeJkoK0jKbvYUFdqrJisrIjwth1QvyprHnh1REtnimw3jaLJl0ZhOXr0LBC3ay0%2BCBLIEAjL7%2FNy251h4BmwuDcNv8h1Nq4ZeFMz1vMhV0%2BNIcQbfWtwkucIatG9BSK0HFETuNxpM3yUPDi%2B79CpA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80178e584b2b3609-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b375e1d04c525a762155ca22499e9ef9d31ae2a34bd149e395b3973f327a33e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 16:19:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 17:49:43 GMT

GET
H2 200 impl.v17.14.2.js Show response
live.demand.supply/ 82 KB
27 KB 119ms
118ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.14.2.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H913VKQN69AD5D7PM815AE4H
date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 515925
cf-polished: origSize=84250
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80178e5909d091f9-FRA

GET
H2 200 d3d3LmZpbGUtdXBsb2FkLmluLw== Show response
live.demand.supply/p4/v17-10-0/ 2 KB
878 B 136ms
135ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d1b1191eff911d5e5a46b7344aba56ba1beb9f8eaed74569298bca6c7264bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80178e5909d291f9-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 54ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=407&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
age: 861912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e593ada1db3-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 140ms
92ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70971f55c8f2423139b522e586ed3c528642a890ecdd936b397927fd18f9a975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29253
x-xss-protection: 0
server: cafe
etag: 693 / 19604 / 31077538 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:46 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
588 B 172ms
150ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGSQC59RYGZP6NQ359764
date: Mon, 04 Sep 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 861656
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80178e593ad91db3-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
516 B 48ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
age: 861912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e593ad71db3-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 47ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je38u0&_p=752283535&cid=1833812719.1693844387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693844386&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 28ms
27ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=752283535&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1127911776&gjid=742481505&cid=1833812719.1693844387&tid=UA-119779859-1&_gid=1365500549.1693844387&_r=1&gtm=457e38u0&jsscut=1&z=152248342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file-upload.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
374 B 176ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bd1c4afb6e56faa255b6126f10fd0e0b0964e489fc3a07476594e75b9783da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80178e59dbd31db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
374 B 159ms
158ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bd1c4afb6e56faa255b6126f10fd0e0b0964e489fc3a07476594e75b9783da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80178e59dbd51db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_fluid_all_fluidallshapes Show response
live.demand.supply/cp/ 30 B
372 B 159ms
159ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bd1c4afb6e56faa255b6126f10fd0e0b0964e489fc3a07476594e75b9783da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80178e59dbd91db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
373 B 250ms
250ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bd1c4afb6e56faa255b6126f10fd0e0b0964e489fc3a07476594e75b9783da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80178e59dbda1db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 30ms
30ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
age: 861912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e59dbdb1db3-FRA

GET
H3 200 file-upload.in_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
373 B 183ms
183ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d50be5db6e83fce072a358e3794ddcbf8123f4a67cc1031fe5c4f0cb5c54fef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80178e59ec001db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ 403 KB
127 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 21:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68174
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129791
x-xss-protection: 0
server: cafe
etag: 6482524881801658577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Sep 2024 21:23:32 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:46 GMT
cf-cache-status: HIT
age: 861912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5a9d401db3-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 99ms
19ms Script
text/javascript 2600:9000:2250:4800:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 04 Sep 2023 05:08:19 GMT
Via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 40289
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: FfboDD0-F08eo-YsS6gIGJ8Vs_WQYVZWRx0V-NmkKJ5IUymQ4jDosg==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 76ms
28ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:19:47 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 71ms
22ms Script
text/javascript 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1477
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: dKDjR_FmayiTudU_xcrDJgf4bonvX4wZ6t8NjNI5-49InK6HUvb7EQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 93ms
34ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: 3JQ318DFVHKN0R73
age: 43
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80178e5b2e3130c9-FRA
x-amz-id-2: R9Fu/q1tEuC7MGHnoR8UjIGM+A0snnpVJLv677Fyct217PxkBPu1N4UGkXzFHJ2Q4m9gRS7JQSo=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 90ms
35ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38566
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Caf73qfPepjbCnX51uVp31DGMyGrVD3iQaCtJaaaNSgWx6CbUikCPBmBZ6393WCuX6vFtnYo6Cd78S58XK55j4fN1aErUe8jlC%2FxC%2Fj9FXnZXRv%2FnoijMlW50AlaVQNvaYDMzues4IcUqsgV6ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80178e5b183f4dca-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 64ms
29ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: c7f5aa9227bd91a914455d8449829aa9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 920 B
509 B 1872ms
1872ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=3439205248300376&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844386985&lmt=1693837186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRim6fiHpjFIAFICCGQSGQoKcHViY2lkLm9yZxim6fiHpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ypun4h6YxSABSAghkEhcKCHJ0YmhvdXNlGKbp-IemMUgAUgIIZBIZCgp1aWRhcGkuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D27&adks=79733870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6355fa7ae3a863b6f0978374dd3129f731232c8c49cfd0d44d842a83f87e147f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0E0 6 KB
3 KB 104ms
28ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ 38 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl_page_level_ads.js?cb=31077538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d07cd9f2801c89883f1c7ac14e0025e298f87c88cadd5efb0f3d0cfee0456e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63716
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13576
x-xss-protection: 0
server: cafe
etag: 2762185566082787979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Sep 2024 22:37:51 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 110ms
110ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15085902214050292&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5add8d1db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5add901db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 104ms
104ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.15085902214050292&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5add911db3-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 360ms
359ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=4482435629275997&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd3859ca8-d6e5-48de-9b11-eff7c2804e8e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844387017&lmt=1693837187&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRim6fiHpjFIAFICCGQSGQoKcHViY2lkLm9yZxim6fiHpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ypun4h6YxSABSAghkEhcKCHJ0YmhvdXNlGKbp-IemMUgAUgIIZBIZCgp1aWRhcGkuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D27&adks=872948387&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6686faeeb9de1a941140a5e7c39ae1a23573fe5c37e367e081f8e4a2e05b0607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12313
x-xss-protection: 0
google-lineitem-id: 5562802023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 387ms
387ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=2063499531797906&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844387024&lmt=1693837187&adxs=245&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRim6fiHpjFIAFICCGQSGQoKcHViY2lkLm9yZxim6fiHpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ypun4h6YxSABSAghkEhcKCHJ0YmhvdXNlGKbp-IemMUgAUgIIZBIZCgp1aWRhcGkuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D27&adks=2365977148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd0096a03ce7b65a9fe98056490e78e81717e85853fd8cb499b204450b17c5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14743
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15085902214050292&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5afdbb1db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5afdbe1db3-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 304ms
303ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=3087009070852359&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844387034&lmt=1693837187&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRim6fiHpjFIAFICCGQSGQoKcHViY2lkLm9yZxim6fiHpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ypun4h6YxSABSAghkEhcKCHJ0YmhvdXNlGKbp-IemMUgAUgIIZBIZCgp1aWRhcGkuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D27&adks=2335961603&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e4bb812659c05735c23314a2b26f9c113d45ca4a7bacd6580d6ed644a82b14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12335
x-xss-protection: 0
google-lineitem-id: 5563931935
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 110ms
110ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=0.10144191980361938&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5b1dd81db3-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 29ms
29ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H6RG2MPY6RXJSSCBB6XQAQ1T
date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2532348
etag: W/"624a705ce1b65875ce70f98cfa74b907-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80178e5b1a341ca3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 317ms
317ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=3148580991608670&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbcf1b191-0990-4fe0-90e5-a2e0b1483964&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844387044&lmt=1693837187&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhsKDGlkNS1zeW5jLmNvbRim6fiHpjFIAFICCGQSGQoKcHViY2lkLm9yZxim6fiHpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ypun4h6YxSABSAghkEhcKCHJ0YmhvdXNlGKbp-IemMUgAUgIIZBIZCgp1aWRhcGkuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.06%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D27&adks=2708986379&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72a5dc4b64eefb51d23b142754bac5a24952ab8bbf39e6acd62f5dad7aeb255f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12336
x-xss-protection: 0
google-lineitem-id: 5563950412
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 99ms
31ms XHR
application/json 18.200.64.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.64.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-64-186.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 38ee6973a2e4ac539dc83f1ad30a151d1919a09d4b90a5eee633cd181ad7f4d6

Request headers

Referer: https://www.file-upload.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache
x-server: 10.45.22.66
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C593 15 KB
6 KB 75ms
24ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 241400
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 74ms
23ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file-upload.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file-upload.in
date: Mon, 04 Sep 2023 16:19:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15085902214050292&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5b7e621db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPR9APREMHNAG80EYM4S
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5b7e651db3-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 274ms
273ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=2701077929997581&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693844387109&lmt=1693837187&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKbp-IemMUgAUgIIZA..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D27&adks=1354342239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40fc43257e8709cf4af946fc1e34247ff5ccc8ada6c1aafe2badaec7e3ce9cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12336
x-xss-protection: 0
google-lineitem-id: 5563931935
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C593
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=x6MZOHx4T0VlYWNPbXAzZnAyTTZBV3ZsOTZEaDVkSDc5QWZTaWxJRmZyYjFBd0hOTTNRZzBjc1JVelNoTzE2U2NKWmZQTzdQMU13djRDeHJ5MHR1c0RrZ2VIMVhSZE5uYmN0U203dlZLL1YyTkdRUVVqVTBKSnljd29EU3...

433 B
651 B

91ms
24ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=x6MZOHx4T0VlYWNPbXAzZnAyTTZBV3ZsOTZEaDVkSDc5QWZTaWxJRmZyYjFBd0hOTTNRZzBjc1JVelNoTzE2U2NKWmZQTzdQMU13djRDeHJ5MHR1c0RrZ2VIMVhSZE5uYmN0U203dlZLL1YyTkdRUVVqVTBKSnljd29EU3hISDJmOTczdmhvNTNxWmFQWXI1MVVnUjhkSlQrNW5GbEQ1aUgyd3pZcjc5UzI5UVRGTm43Y2JiSFZQY1pEc1JrMzF0SnBoVGJWd0lOY2k2YXRpb1JHRlVOS0JkZDYzclVkRUhTOFFSZ0RvRUVSVlJRcXdGTktJd3I2ZGVRNEVTQlE5ZDhBS1dWRjZLOWhMS0xPanNhTlVYbTUwemU5cVI4ajl5MSt2K0EvaS9ycmpDNFFiZz18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aaa5d94ca0ee538588551b8a9f102e57f97669e5342dcbd137de286cb36a8ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1353187
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=x6MZOHx4T0VlYWNPbXAzZnAyTTZBV3ZsOTZEaDVkSDc5QWZTaWxJRmZyYjFBd0hOTTNRZzBjc1JVelNoTzE2U2NKWmZQTzdQMU13djRDeHJ5MHR1c0RrZ2VIMVhSZE5uYmN0U203dlZLL1YyTkdRUVVqVTBKSnljd29EU3hISDJmOTczdmhvNTNxWmFQWXI1MVVnUjhkSlQrNW5GbEQ1aUgyd3pZcjc5UzI5UVRGTm43Y2JiSFZQY1pEc1JrMzF0SnBoVGJWd0lOY2k2YXRpb1JHRlVOS0JkZDYzclVkRUhTOFFSZ0RvRUVSVlJRcXdGTktJd3I2ZGVRNEVTQlE5ZDhBS1dWRjZLOWhMS0xPanNhTlVYbTUwemU5cVI4ajl5MSt2K0EvaS9ycmpDNFFiZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270364
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 117ms
70ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ad9da6738cedcf5e864d82e413c1e7a0a9f0c2139e743f65dc3a90a26df56c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11753
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 16:19:47 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame E750 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E750 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
16 KB 394ms
394ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=671131338464661&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C3cc840b3-083d-48a5-9a39-279da3eea261&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dae6689751278eb49%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYpFulAbIRtnht6u8_j8ZC2kmf6IQ&gpic=UID%3D00000c6f006dde0f%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MaMNE-N3ObHvEd6tVYI8cb8JjaW7Q&abxe=1&dt=1693844387368&lmt=1693837187&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26bsc%3D27&adks=274265597&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87de6d9d59d9d93625af78e705b37a4a9846508d99178951014a7ff4c4a1eb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame F378 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F378 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
19 KB 288ms
288ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=2964259454847826&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C58b2c653-aff8-451e-a0f5-2fd3c0085d38&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D702176acbac8b373%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MZVD-B6nEQITA3wPbWnFH67HLm5gA&gpic=UID%3D00000c6f0142db32%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MZTZKaqotVh1Q9LsColjyVjaOhdCA&abxe=1&dt=1693844387393&lmt=1693837187&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D27&adks=1544541167&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0ccc519ab424b254ac49e7722d4c2550d4221829d67b04303e2164ebb5c8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19359
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 76A5 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 76A5 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
19 KB 312ms
311ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=424866131415218&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Ce5d6a113-1897-44a9-a217-a640317b4e22&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D237410bccd760806%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYwYQcMIeXlpckBpVSFat77DjeoLw&gpic=UID%3D00000c6f013b6bbb%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYvahMlofBX6yfJ_C2v5ag2Bb8hmg&abxe=1&dt=1693844387440&lmt=1693837187&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26bsc%3D27&adks=3491314037&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758e0b86379b7bb1553c199ceb1737336d9a0b68d6a5371096eca35281672c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19258
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 3910 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3910 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 271ms
270ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=2397070183858157&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C3cc840b3-083d-48a5-9a39-279da3eea261&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De96968b4d0efc9ab%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYj9LW0Pg7NynDPoMjRRThhj0RG5g&gpic=UID%3D00000c6f016e681a%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MZFH0_50cN-ZsUmdCZFFDqIro9BpA&abxe=1&dt=1693844387463&lmt=1693837187&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26bsc%3D27&adks=2191225267&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e311ecd5335d65568b85825ce67e615418246ed172a4e3974a633732833b09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12179
x-xss-protection: 0
google-lineitem-id: 5562791889
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame C52B 222 KB
62 KB 122ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 31 Aug 2023 08:56:04 GMT
age: 372223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Aug 2024 08:56:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C52B 15 KB
5 KB 161ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 31 Aug 2023 08:56:04 GMT
age: 372223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Aug 2024 08:56:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C52B 94 KB
28 KB 162ms
60ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 31 Aug 2023 08:56:04 GMT
age: 372223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Aug 2024 08:56:04 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C52B 5 KB
2 KB 169ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 31 Aug 2023 08:56:04 GMT
age: 372223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Aug 2024 08:56:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C52B 40 KB
13 KB 170ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 31 Aug 2023 08:56:04 GMT
age: 372223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Aug 2024 08:56:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C52B 4 KB
1 KB 75ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 16:07:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 16:19:47 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C52B 2 KB
3 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 67968
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 04 Sep 2023 21:26:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C52B 295 B
399 B 20ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 67153
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 04 Sep 2023 21:40:34 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 32ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&pud=407&pus=c&pue=583&pid=122&pis=c&pie=705&ppd=137&pps=a&ppe=720&pcl=494&ttc=872&tti=1346&ttif=0&lca=720&lcak=ppe&lct=720&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5dd9cd1db3-FRA

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3980117109798635172/ Frame C52B 21 KB
21 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3980117109798635172/14763004658117789537?w=600&h=314

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a823a42a33d4c758fdce94803de9b8236aff578ed78a0caffed8c100733a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 09:08:10 GMT
x-content-type-options: nosniff
age: 457897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21264
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 07:50:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Aug 2024 09:08:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17822024181240698237/ Frame C52B 2 KB
2 KB 28ms
28ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17822024181240698237/14763004658117789537?w=100&h=100

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89bba462c4880cf4a0e49696cc9d3b9e28052e57071ddc4924a4b25515301510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:34:15 GMT
x-content-type-options: nosniff
age: 513932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2379
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 09:19:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 17:34:15 GMT

GET
DATA 200
OK truncated
/ Frame C52B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 998ec01c442c3405433a2e47476e2d88a760a35e24c22923743cbffaf7aa2941

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A5B 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:00:41 GMT
expires: Tue, 03 Sep 2024 16:00:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 687F 829 B
1 KB 78ms
30ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

618b5e86a9dc62a69004957373c2bae28b24d46fd5041d44e7361a48e69d5b77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nru357q7WFA7VAkA3tcxBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-Nru357q7WFA7VAkA3tcxBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Mon, 04 Sep 2023 16:19:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A5B 38 KB
15 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 21:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 21:56:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C52B 16 KB
16 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 222278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C52B 15 KB
15 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 303175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 687F 0
0 118ms
118ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308300101&jk=4154827571813612&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A5B 0
10 B 31ms
30ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EsOi4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4209 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.10144191980361938&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5f6be61db3-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5f7bec1db3-FRA

GET view
securepubads.g.doubleclick.net/pcs/ Frame 392A 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 392A 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
16 KB 221ms
220ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=2873112437359230&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C6af7847d-aa8c-4b5b-ad63-78803495a767&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D66e5363ca1e761a9%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MZ_o8JscstcLCWMHUa97N8OoV19kA&gpic=UID%3D00000c6f0032cd16%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_Mbwri1jVLFmU9GPGSX2G5_79cN7bA&abxe=1&dt=1693844387777&lmt=1693837187&adxs=245&adys=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=b&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D27&adks=3634101300&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3420e9ab57278bfb0b1a80a3bfe0a68a2ba2c4c3b132f5dcc198a43674520a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15947
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C52B 0
0 68ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNPJUowP2ZJbmBIqO1PIP56aSwAO8ptbZcpfHt9bWEZiS-IezAhABIJWbyiFgkQSgAZzvgMICyAEJqQJvVHjWrPNJPuACAKgDAcgDCqoElwJP0Is-T1k6Wm50Ufecib9huQdyYPS-9JLUubi94AT9S159TdOFdNq6Fm_1uW2zkHl-4Ess45nLFkPz3em_YGlKu2PbIayVG6fZEuFTwa2W_rR75wKrju1LzLoUoKQvlZH86qhQAYeDrA_6uT4Ltvv-REjJqfX6_rygeC1UE0a7XnIdw9AImj9MT0l0kJTHmVqI_uCqp8us_72umWfOSdCd74z84qTzG6hThGWkyP-vkR2Q-AdIDkfLDdu_R366phwDu0IbLyFW9SuKIFdf-qVuXeCpqfPN2JR2qtd1fCdygXLmriKIZxAkARwtqhmP4YwJXMqtfMxnFxFS9ZohnYlr5SdCsTOJmx_InacWnklswns8u6ja4qXABOvq1OC2BOAEAYgFmJ3FhUySBQQIBBgBkgUECAUYBKAGLoAHzJD_vQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCupw_SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgliaHR0cHM6Ly93d3cubWFuYWdlZW5naW5lLmNvbS9wcm9kdWN0cy9hY3RpdmUtZGlyZWN0b3J5LWF1ZGl0L3NlbS93aW5kb3dzLXNlcnZlci1hdWRpdGluZy10b29sLmh0bWyACgPICwG4E-QD2BMCiBQB0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=dS1KBaeF1Vk&uach_m=[]&ase=2&cid=CAQSSwBpAlJW0s6nPumat4Vd5mQ3rX4TVHYPTr-yXE8hyGi6hMjpcZ8PAOWGNLkFZyofyXqA70Bzoh8kGRRUOt5OKzWeq87gtkNo35xiuRgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A529 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pn=1&sn=2&pc=0.15085902214050292&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5fec941db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.05&b=2&r=file-upload.in_fluid_all_fluidallshapes&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e5fec971db3-FRA

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 4209 83 KB
27 KB 130ms
36ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 26f53181978b273915caf52ede12168abd6685f9e56acbc985ed2415cfd779d6

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 19:13:46 GMT
x-azure-ref-originshield: 0I8P1ZAAAAAArDdTXtry7T7X/4xY4KBumQU1TMDRFREdFMTgxMwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5: QL2jgnrrs4kP4c4hHykzFg==
etag: 0x8DBAA56664EFA87
x-azure-ref: 0owP2ZAAAAACY225vh+a9R70d0LITMXTFQlJVMzBFREdFMDQxMwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ca348670-601e-0071-5825-dfb3bc000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4209
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b4636fa6-3276-495f-a882-ac7809cb52d8&bidId=5&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7bd3e9cc-07dd-410c-9e4...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_5-1-0?&RG=0b249784abf34060a1abdae2c44a3cbe&SNR=1&GV=2&med=10

0
18 B

72ms
72ms

Image
text/plain

2a02:26f0:3100::1725:e252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_5-1-0?&RG=0b249784abf34060a1abdae2c44a3cbe&SNR=1&GV=2&med=10
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Server: 2a02:26f0:3100::1725:e252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C50DB759993145D9843D15B6F1321706 Ref B: FRA31EDGE0606 Ref C: 2023-09-04T16:19:48Z
x-cdn-traceid: 0.4ee22517.1693844388.1d58fa0c
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 04 Sep 2023 16:19:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14C0D5267406430E9D857F49D3822A67 Ref B: VIEEDGE1117 Ref C: 2023-09-04T16:19:47Z
x-cdn-traceid: 0.4ee22517.1693844387.1d58f8d6
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_5-1-0?&RG=0b249784abf34060a1abdae2c44a3cbe&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 4209 80 KB
27 KB 113ms
41ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 16:19:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 03 Sep 2024 16:19:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4209 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 12:07:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4209 20 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4209 24 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4209 181 KB
57 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:47 GMT

GET
H3 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8833 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 30ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pn=1&sn=2&pc=0.15085902214050292&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e602cf41db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 32ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.05&b=2&r=file-upload.in_fluid_sq_fluidsquare&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:47 GMT
cf-cache-status: HIT
age: 861913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e602cf61db3-FRA

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame A529 83 KB
28 KB 65ms
19ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 26f53181978b273915caf52ede12168abd6685f9e56acbc985ed2415cfd779d6

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 19:13:46 GMT
x-azure-ref-originshield: 0I8P1ZAAAAAArDdTXtry7T7X/4xY4KBumQU1TMDRFREdFMTgxMwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5: QL2jgnrrs4kP4c4hHykzFg==
etag: 0x8DBAA56664EFA87
x-azure-ref: 0owP2ZAAAAAAZdBZSnKa1Q5ouOzNb1f/cQlJVMzBFREdFMDQxMwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ca348670-601e-0071-5825-dfb3bc000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H3

200

c.gif
www.bing.com/aes/ Frame A529
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=de674624-a80f-4560-9315-471e91889062&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=63d54b16-4fbb-4741...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95e7c74b099b4cb1b7b4c035ffc37d5e&SNR=1&GV=2&med=10

0
18 B

58ms
58ms

Image
text/plain

2a02:26f0:3100::1725:e252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95e7c74b099b4cb1b7b4c035ffc37d5e&SNR=1&GV=2&med=10
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Server: 2a02:26f0:3100::1725:e252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72193A4587854A6CAFB4A8D15F523F81 Ref B: FRA31EDGE0121 Ref C: 2023-09-04T16:19:48Z
x-cdn-traceid: 0.4ee22517.1693844388.1d58f9e6
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 04 Sep 2023 16:19:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4350FDBF41C94CF0972EE0384D4B4EBC Ref B: MIL30EDGE1221 Ref C: 2023-09-04T16:19:47Z
x-cdn-traceid: 0.4ee22517.1693844387.1d58f8d7
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95e7c74b099b4cb1b7b4c035ffc37d5e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame A529 80 KB
27 KB 86ms
26ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 16:19:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 03 Sep 2024 16:19:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A529 3 KB
1 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 12:07:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A529 20 KB
8 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A529 0
0 32ms
28ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQn3W3O0CiXFLs3GZoeo0mUjzmiGMDayWqOQMJCWIA5PRAbTERz5i8_EkWruyUmY4Cs49qpQMZ9tWf2o3PbCp4dVwuWw
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A529 24 KB
6 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A529 181 KB
56 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:47 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1F50 131 KB
45 KB 109ms
74ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAGaf8Ke7BLAApYWxQvUruLx85LvlOpYw&u=%7CwCdKRJ90J4zqICv5bElENPKVqDRTXRq30vIVrhXxcKw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrOFfqM-mAZrj2vHtyh6vjabVR_Ni9ydxafQmPtQxC0_f8Kq9liZDoX-aqmVRVDIHzLYhgZljJtnNssuYjr4-OGJ28jHqLivz0HvXYiChDxmvS0SU4JtFtWVRyrA_I71L7LqWEHn5jQ5wsCqAvsHzP65FPBLCHkOqreNfMHR6G1CnFzs0bWieFWZAUybKY8OkwyXPoyc66PjuovbreHB2Kqu-xKLbDu3XtichGoECXMMj42WPfDTW1eaK7FNTdsFJCU2MyvddPfJKFUmwxTmBPBbGso59Bf8X_HQ-sXhzEFbdNvW_1NW4XLtE-0GnVggODJNNV6zjbrEvkXLcTcchdbm1C1i0x4vdrB92ob9do_7U442s0EqonIJO5A-KVZHZIFNqXfg5XyXUU7Pk65GP6PsN7qZWmsNiAYda2kljkkbig4LRObIWo5VYKvoT6R9kWWnkOtVQ0Dt-r5ZVAAAa3B-RWZKnQdytpsu_oTze-nElUU8UMI1EwZWC77nEhuOXqf1qrNT12F6Q_fVlP_cxn_D8fsTapJdP5D9picFWXuIhE18vxj_7mgAJ8eIJ7uT2oXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy2u7owP2ZP_TGcvg7gPbsKngCcme0rFcpfyT93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQJVJj918R2yPuACAKgDAcgDAqoEvwJP0KyN0optg2WyTVlnmTePmska1mklO0rJFtrcDdIZPcb8vBbNSY1S7pS7wCoJ4fMFMw9aESkbT4Fin_K1zpgqG9YwI1CPw0ivjlOoIP3Jbv7A-X0cylmF_cwqPuDTfx7mrnLXbLqRVaLIycPFPxA3N8OZ0EILUQ02-lG1dzh1IHm6ftpZklscFSTGIgywsoVp9s7ZMrMQXVjYhe24NAGv1Y3jnFa2MM5fvztPftTbbumN1_E1ErJEtN8SJGQ5DlUZBTSYdt-8TnI4CaKGcjXvl9erNe2KtccNvTnTfuc57U6kOIGEAHwZIqRl-7s5ANpbahw55gGHwsS-DmuoIHxotsUNudbzIi9TxkMi0rTTjDwp8AB-IYya_wBmkQ2EFrq8o6x9keucfGHTaRFD4QbXmt0n2YalIP0eBqOP-b494AQBgAaJ4azD186-4H-gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ev9k-b6NODU6K1VulrCH0dzPFrA%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b24798520154a095933fe1beefd8739e3f95915e01a7bfaa2a2a77f5d24c3132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TZkH2gdhPF88eKm0_J8ilfDYnJocCGKAKKCKd2lfoDm7e31i4utt8ETVql6x73gElODsNGUa7fJ810DqOOxnrkHy9ZFF5kM_TvnSn-3EFzn6rkhkjKu1wzndx7yfK7nR0c62WRAw2ONO2AM3WYFxrVdZugrbZw00rD-NNBuPKYzxbqt10kXGlkUtuyBoMUBSfW4LFV3SHSulL-_hAc7klrCnQN-DoK-BGrGxgA49kXDyyxoXHdbzT4XNr_pjPiOCsC9WrA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56838367
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 8833 3 KB
1 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 12:07:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E9CE 1 KB
643 B 27ms
25ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 8833 20 KB
8 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8833 0
0 31ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSpYjb5kRqyfgxCB3JOVxKajfJN1y0zWitJIXHq6y_QwZzFyqZLRJL9SM0gTc2p2n6OQhRBEGITRFEj_DBprOkQC4LUA
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8833 24 KB
6 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8833 181 KB
56 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9CE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQ8FsEPQkL9NgvNaKO_-uM&google_push=AXcoOmTsqsrRqtfQRdziIMoTYda9dBafz3vXG3nVuhxwwPHhcwyq0YJU3X...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQ8FsEPQkL9NgvNaKO_-uM&google_push=AXcoOmTsqsrRqtfQRdziIMoTYda9dBafz3vXG3nVuhxwwPHhcwyq0YJU3XbcbkbvWkKVq-zJu-MgqVv23GC8Y2_dNYseOAvfMjg

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21080-AMS
pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1693844388.976839,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQ8FsEPQkL9NgvNaKO_-uM&google_push=AXcoOmTsqsrRqtfQRdziIMoTYda9dBafz3vXG3nVuhxwwPHhcwyq0YJU3XbcbkbvWkKVq-zJu-MgqVv23GC8Y2_dNYseOAvfMjg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E9CE
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE4mvBfHwqK1JXVA5yX2aBo&google_cver=1&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFTm8if8EKXduH5gGHU&google_hm=pSa1aKbdSvqmKtCtb7WjLEg

170 B
329 B

31ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFTm8if8EKXduH5gGHU&google_hm=pSa1aKbdSvqmKtCtb7WjLEg

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQMy2ICBzYxOAl4izm7ScXYLrSjaTEkinhKfRe8HlL1BXvIImT_MlHkvCht6S7j6LkyMwqjLwB5vFTm8if8EKXduH5gGHU&google_hm=pSa1aKbdSvqmKtCtb7WjLEg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E9CE 0
172 B 55ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHj8FXhXuKlcFKkS63q2WIc&google_cver=1&google_push=AXcoOmR50M9YGUYl6BYKLpsXN1pQrjPcKizf2RyBMnJB47yoLyMIIDev0GZCK16yAi1sWASrp_CCddQo6SYkBGUmQJ0FEMpz5g
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E9CE
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEGc_PW6eHjTHC0MQfSo97e8&google_cver=1&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwH...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwHDnHGcqLUALN0pp5Q

170 B
232 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwHDnHGcqLUALN0pp5Q

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ2yF_U0fMhb-GXU1ed454dFZSVpFAeRlJFo3eivWbaPZZX-0xKusvbxKHZswnvaiN_BOGggWFzvwHDnHGcqLUALN0pp5Q
Date: Mon, 04 Sep 2023 16:19:48 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9CE
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKHRsQkrA-mEX_JjyfutnHw&google_cver=1&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqT...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKHRsQkrA-mEX_JjyfutnHw&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqT...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g&google_hm=YUVHNFNpNkhaMWtYUlhENj...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 16:19:48 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5pkvoJqYiXV-Nem28ufh5K9rqGpjf7Dmtxj2h-x-EEKmztqwhenWyNCWgCH_Kfnim2eh1u2usx-FqTk91h0WqVALS0g&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 234
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9CE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMl0GAd7Tf8IQh82-4sCfFg&google_cver=1&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fmI...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fm...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fmIiTnhfGM2YEhk

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmQfK7OTsppLylRrC3pTURlJbEfXTDWQCkPewzB9DL3B8HNdAMK2YNsk-wK6MGAItxf8DvdXrlpdf4j3fmIiTnhfGM2YEhk
Date: Mon, 04 Sep 2023 16:19:48 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET pub
cs.chocolateplatform.com/ Frame E9CE 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E9CE 0
130 B 82ms
28ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtOWEbnazDljsl_8QAevIbFnC5VOyWyDM14YNy_dGNhesR2hfX3dJyaBnV1EEzbpKjSMMh

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8833 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ac0914fb73ca70b2d1cca1d9ff79ecddbc6a7913b341c05e813c217565b22dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 th
www.bing.com/ Frame A529 10 KB
10 KB 48ms
47ms Image
image/jpeg 2a02:26f0:3100::1725:e252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7353021430596_1HX7BKN51HP3IY4TD5&pid=21.2&c=3&w=248&h=131&qlt=90
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8279eac123e14c491caf41ddea33081964fb11a2a29e454946d10abae7ce7580

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.4ee22517.1693844387.1d58f98c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10184
alt-svc: h3=":443"; ma=93600

GET
H2 200 th
www.bing.com/ Frame 4209 12 KB
13 KB 61ms
59ms Image
image/jpeg 2a02:26f0:3100::1725:e252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.KCkLYDOpokdHhg300C300&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 681b6b34ddb733dbaccac4afb318e80136ef5d7290b90b8aada19ea4577b6eaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.4ee22517.1693844388.1d58f995
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12431
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 4209 0
532 B 54ms
15ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLtA-jtAQAAAwDWAAUBCKOH2KcGEL6T17uVjILKRBgAKjYJIiXhGitJyT8RDzv-K_mGyD8ZAAAAwB6F8z8hDw0SACkRJNAxAAAAgOtRyD8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiB9AWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcFYiAUBmAUAoAXQsfGb0NbS3CTABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBfjSGfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4H0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=2970de52f7b7c32dc75c2ba8176f79ac22dbd0a6&bdref=https%3A%2F%2Fwww.file-upload.in%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.file-upload.in%2F,https%3A%2F%2F80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 057282b4-9148-4f85-9094-b71b1b1b1ca3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame A529 0
531 B 13ms
13ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLtA-jtAQAAAwDWAAUBCKOH2KcGEJmT-4vy7OedWxgAKjYJbYZTsAA1yD8Rg8dGtRd7xz8ZAAAA4HoU8j8hgw0SACkRJNAxAAAAQOF61D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjB8QWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcFYiAUBmAUAoAWV7ImI_IfpmA_ABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBaPmYvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=4677f46cad3e3ebe1bb247595326ae4d677b5f6d&bdref=https%3A%2F%2Fwww.file-upload.in%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.file-upload.in%2F,https%3A%2F%2F80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 68ddb61c-e3f3-4d94-9aec-705fd9bdefc8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1F50 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAGaf8Ke7BLAApYWxQvUruLx85LvlOpYw&u=%7CwCdKRJ90J4zqICv5bElENPKVqDRTXRq30vIVrhXxcKw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrOFfqM-mAZrj2vHtyh6vjabVR_Ni9ydxafQmPtQxC0_f8Kq9liZDoX-aqmVRVDIHzLYhgZljJtnNssuYjr4-OGJ28jHqLivz0HvXYiChDxmvS0SU4JtFtWVRyrA_I71L7LqWEHn5jQ5wsCqAvsHzP65FPBLCHkOqreNfMHR6G1CnFzs0bWieFWZAUybKY8OkwyXPoyc66PjuovbreHB2Kqu-xKLbDu3XtichGoECXMMj42WPfDTW1eaK7FNTdsFJCU2MyvddPfJKFUmwxTmBPBbGso59Bf8X_HQ-sXhzEFbdNvW_1NW4XLtE-0GnVggODJNNV6zjbrEvkXLcTcchdbm1C1i0x4vdrB92ob9do_7U442s0EqonIJO5A-KVZHZIFNqXfg5XyXUU7Pk65GP6PsN7qZWmsNiAYda2kljkkbig4LRObIWo5VYKvoT6R9kWWnkOtVQ0Dt-r5ZVAAAa3B-RWZKnQdytpsu_oTze-nElUU8UMI1EwZWC77nEhuOXqf1qrNT12F6Q_fVlP_cxn_D8fsTapJdP5D9picFWXuIhE18vxj_7mgAJ8eIJ7uT2oXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy2u7owP2ZP_TGcvg7gPbsKngCcme0rFcpfyT93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQJVJj918R2yPuACAKgDAcgDAqoEvwJP0KyN0optg2WyTVlnmTePmska1mklO0rJFtrcDdIZPcb8vBbNSY1S7pS7wCoJ4fMFMw9aESkbT4Fin_K1zpgqG9YwI1CPw0ivjlOoIP3Jbv7A-X0cylmF_cwqPuDTfx7mrnLXbLqRVaLIycPFPxA3N8OZ0EILUQ02-lG1dzh1IHm6ftpZklscFSTGIgywsoVp9s7ZMrMQXVjYhe24NAGv1Y3jnFa2MM5fvztPftTbbumN1_E1ErJEtN8SJGQ5DlUZBTSYdt-8TnI4CaKGcjXvl9erNe2KtccNvTnTfuc57U6kOIGEAHwZIqRl-7s5ANpbahw55gGHwsS-DmuoIHxotsUNudbzIi9TxkMi0rTTjDwp8AB-IYya_wBmkQ2EFrq8o6x9keucfGHTaRFD4QbXmt0n2YalIP0eBqOP-b494AQBgAaJ4azD186-4H-gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ev9k-b6NODU6K1VulrCH0dzPFrA%26client%3Dca-pub-3831894559014614%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 1F50 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1F50 308 B
636 B 26ms
25ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1F50 293 B
621 B 24ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1F50 43 B
348 B 51ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4J-7-gFGvcLLiRDRJGIWSx_oBYePW27gGSoZ2CGVeaeIGYbmyv8SzeOazVpdGnwKREloRtIHdbpMdO9bexIbsEauiEUb1LBZXvGoLYflr5mxQ29W4ImBIkOA_sfnT9kp88UXrc_pJ2disWi-PGeWl_KP4Sb8W7uo3RWem3h3l3PVOu2p3PklNqhorHwQXIAwqQUemqcsf6OBCBjn_OcVPRvxi7f0Fy9hraTDJtvut5olh0mMtUdfF4QpAwIdUPNH9xwjV3i6bN_QtAFvDAETDCpDrQgxwWQEmkyNhG989le5jwEfzmOvRpjOKULNt1-G5gSUk7oS_OY2FAhqbc-3Ie2jD8CmQpqqYt0F7CJ2Yw78y2Hb2kBWlqC4gjLJer92FZ_hMDa_h_vTa73Ra5DQiC8NnechHPAz0NFeztGMn5vKNSDW7SZolVINdNttlnQsS8yNTdlG_otIl8XX2gqoUzJB-NY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2184922
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1F50 12 KB
5 KB 71ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2241027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMWq74tDveDJ3NDRv4AAG5zGhOrgl8Qp%2FwkjQJHGHTW56syuGzjYtAfM4RWeapxFP6ecpvmO06fieepyLTAK%2BViDwWWYDUHOqzukdHCtKpiC%2BIokziaD90hZq1NQTir%2FES7Ja5tziBbXcem9RoMRZBpZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80178e61ae6092b3-FRA
expires: Sat, 24 Aug 2024 16:19:48 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1F50 12 KB
6 KB 27ms
27ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H3 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A47 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 107ms
107ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pn=1&sn=3&pc=0.15085902214050292&ds=true&e=wdp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:48 GMT
cf-cache-status: HIT
age: 861914
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e618ed71db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_sq_fluidsquare&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:48 GMT
cf-cache-status: HIT
age: 861914
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e618ed81db3-FRA

GET
H2 200 aa37032363e74ec0814ff4d14b7598a1_mediamarktbold.woff
static.criteo.net/design/dt/ Frame 1F50 22 KB
22 KB 90ms
43ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/aa37032363e74ec0814ff4d14b7598a1_mediamarktbold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09c7021f40a4effdd66b1c5222be1a3637a90d273b6de4714dbbc59b160a325a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Jun 2021 09:06:41 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60bf3321-563c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff
static.criteo.net/design/dt/ Frame 1F50 22 KB
22 KB 104ms
57ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdb9595cf3bdbb77721ab7eba69c98f3fb80dba16e804310c508e3a465d2dfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Jun 2021 09:06:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60bf3320-5860"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1F50 39 KB
39 KB 74ms
45ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F4640%2F4890578%2F87936a587c8c477b9fa5278efceceec4_logo_-_usp_nl_-_final.png&v=3&w=470&s=mREL0C5_Kt6Jn3yG4E1_zAko

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

804cabbee7a28d0c78604ee742bbd50c5dfdb7a7b18fd6bb408feeeb075c06f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 40099
expires: Sat, 03 Aug 2024 10:08:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1F50 34 KB
34 KB 82ms
54ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fassets.mmsrg.com%2Fisr%2F166325%2Fc1%2F-%2FASSET_MMS_100630607%2Ffee_786_587_png&v=3&w=400&s=fT5sY93RhYdXRZvD1zeV6I-R&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2084991bd363820a4263dacc6f067da4ea4006155167891885b7580bfbb1ec2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=259200
content-length: 34806
expires: Tue, 05 Sep 2023 13:07:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1F50 38 KB
38 KB 79ms
51ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fassets.mmsrg.com%2Fisr%2F166325%2Fc1%2F-%2FASSET_MMS_93034018%2Ffee_786_587_png&v=3&w=400&s=eeA9psghQ9eN_S11Eqm1h7xp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e02fbfb65ee88f200c7b28cd74f885f11cf41b8e8e1eead461450286feaa506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=259200
content-length: 38481
expires: Wed, 06 Sep 2023 13:45:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1F50 67 KB
67 KB 52ms
24ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fassets.mmsrg.com%2Fisr%2F166325%2Fc1%2F-%2FASSET_MMS_108378955%2Ffee_786_587_png&v=3&w=400&s=8TVNdWB99E49kNtgpkeJZTqs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ac0635bec474cfe15b78cee6caa0a1bae00da7904396fdeba8f75c754e1cd1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=259200
content-length: 68554
expires: Mon, 04 Sep 2023 23:23:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F50 0
128 B 69ms
23ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TZkH2gdhPF88eKm0_J8ilfDYnJocCGKAKKCKd2lfoDm7e31i4utt8ETVql6x73gElODsNGUa7fJ810DqOOxnrkHy9ZFF5kM_TvnSn-3EFzn6rkhkjKu1wzndx7yfK7nR0c62WRAw2ONO2AM3WYFxrVdZugrbZw00rD-NNBuPKYzxbqt10kXGlkUtuyBoMUBSfW4LFV3SHSulL-_hAc7klrCnQN-DoK-BGrGxgA49kXDyyxoXHdbzT4XNr_pjPiOCsC9WrA&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1F50 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E1E0 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD46 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A529 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13832b6d3fdc793e8b6698d3c1432c687df6a1bdf1e26f45305717cefa63a163

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4209 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfac52f7959394631d55752a9e5f94a9f33f2178086f04c95ff45dda14db1d4b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7462 132 KB
45 KB 78ms
75ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAMkzQK4CYSAABsefG3UC8XoWfcyGCTUw&u=%7CwCdKRJ90J4w8F1p6h3g4dPRNB5lsBbs0ioOxTQfumaU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrONGvug9vhXrXbXNkanDX9C6l7IIAqT2M7jMtmsGyKueLy_QKr0uleDMzYWgPt3dFwkVrhp3IXjjqvjPVjGOiK5bjlAa2y5wC9yH-_W27WDpjGQRgpt0ZSWp7e_d5GnGONAra539Fd7ERbsAOqPTCpIm9Sp1ht-QQ28YSIhOUf7gXn6pFmExiXVkI93eqinqN6TFc-GUVpNqketBYLwS2ShyBmBzSq2q0dC32CLuLiGDHAwIDxmygwb4uzgrNwiHdi5A7J5Y7-9aRphe0S89uS-CK9dLHA3qdVJN6EuFNQoTfL43hrQbFGM_5v2tp8M9yjlDkqTCi4B6XEq4YiMn6flSFwIhtNaLmtrOh_LeYrKdBS6IoMPtKt3Fj96kckPjuPAJ9xiAr07LxUa03Fe5IT6Qgm6p3FKE6lTtwDAFa4wQr6XuDooHkqWU9VxWs0HfpSUgM-DcXUsp9oQZdj-_AJIcFfCzWBLBYyZZbUhbl5y3DG8tJMXplUtlz-geLxmugSPRmmBSTbjogGPRSL_sfwqv1zQguSNzhKpiQCc-wW_3nbIRKiAScfH0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3a4OowP2ZLSmMpLMgAf52IHQDMme0rFctZjj1pMBwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCVSY_dfEdsj7gAgCoAwHIAwKqBMUCT9AY-iclC9NygxCL89n6oa7MKOONomuzVzrSreEHORIeli-WczPlXmz5A8vxiPwdUSEE1Q0sCJYN4UKSwTWPjt_WV91W8je2iwiO2MlZHwW6nJxS4RcMqlFhgcCuURyFRiEwkUEZ9sNowi1xZmp0DDP_ODoNpAqi1GlxuEXAx9W0FTyk2YorUqIEPC1i4h4UxyWQPfbX63RsZcPzJ1YaORgeoRep-jUoF6hTjS0-EtlDlQz-M39eqGp6MKAgNsL3Hpi6Odx9_PdGhAx623IcF7XcdlpzB-RPhptaSU-7V8k0OFFQMd-dwtOCxGLMEMnsCgy3sYLvGlGJmRKdZTZKcvy33Kba0Y7eOY6Jj8r26yxQ3ZavtiJeWaSx3RWPYUsCj2nPwNoHe5XT6NtE9ZO3Vz4ysc3lD-Gklbsb8geab0qluRpCtuAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2B8kDrthvAMmNcqX7NQCLObSLeag%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f25dd6992232b59446249206b7b02cc4b7eab2af7a5eb3a219636d60fb313fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=D2bKPwdhPF88eKm0O0fJrzmz7kbUAxL59hMNK2jK8fYM0Szc-toJ5nZ7zg1VOq8fLJNtRs_r2j_QmBsZ9ccU6i3OycFAl5ep9mjVUubikhprIxCnSL2OCWHeBmPx2yA79mT3j8q3l7VKYPlh5rE5V7QI5JKK_j_vXfQcPZy49y9oc6JtXwNZkgrx8p1w2lwknB4LKfVBuiN_DXjug8pIbot933fwWv-N87vZY2ekFvmwBv5gPhQW6lGsAEkYpncpmhkb7w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61076264
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4A47 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 12:07:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FF4D 1 KB
643 B 21ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4A47 20 KB
8 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4A47 0
0 29ms
27ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrEWgyQYErvjbIRCqIpbrds3uF_mrI-ZB8BzyGusItaeXWcR5YA5AC9XCq83MiLFY36shV40Molk9ws-_9LluhmIx75w
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4A47 24 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A47 181 KB
56 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:48 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4209 0
581 B 20ms
20ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLyBuhyAwAAAwDWAAUBCKOH2KcGEL6T17uVjILKRBgAKjYJIiXhGitJyT8RDzv-K_mGyD8ZAAAAwB6F8z8hDw0SACkRJNAxAAAAgOtRyD8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiB9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA4UDCq8CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YmQzZTljYy0wN2RkLTQxMGMtOWU0NC01ZGM3NzYxZThhODEmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0OTQxNTgzOTA1MzA0NDYzODA2IgkzODE4NDY3MTQqBCFM8JU6JFUyaHZjSEJwYm1kQlpDTXhOREEzTnpjMU9USTRNRFF3TnpNesAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXQsfGb0NbS3CTABQDJBQAAAAAAAPA_0gUJCQAAAAABD3DYBQHgBQHwBfjSGfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4H0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=56e991326819bbe1679d395012e54208fe1e6ce2&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=8542884871986559977&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 3c912565-a837-400c-b7b1-073e55deb48c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame A529 0
581 B 13ms
13ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLxBuhxAwAAAwDWAAUBCKOH2KcGEJmT-4vy7OedWxgAKjYJbYZTsAA1yD8Rg8dGtRd7xz8ZAAAA4HoU8j8hgw0SACkRJNAxAAAAQOF61D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjB8QWAAQGKAQNVU0SSAQEG8F6YAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgODAwqZAi4wAPBpYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjNkNTRiMTYtNGZiYi00NzQxLTk3YWYtNmFjZmUwNjU0N2RlJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfQqAXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2NTc0MDIzMzQ2MzY5Nzc2MDI1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56TTRNRFV3TWpRMk9UWXpNakVqTWpNeU5UWXdORFV6TVRrMU1ETTNNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZXsiYj8h-mYD8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPmYvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDQkuJgAM2gcGCAkvmAcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=8e9df86168cc755baa94822d3d3726cc7f511959&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=158&sid=8542884871986559977&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 2691d111-7364-4e38-966b-287cc8fad225
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4209 0
0 68ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtQzBowP2ZLXHHI7B7gP4roGQA9Lg1-Buj6S2k5MKwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCeACAKgDAcgDAqoEuwJP0PGnxdJUkLgkpZlNDGfu_ICxYJjOTi8hdolIzM91bIDBQx7osuULEoucPom7Lp3CIbOa9R8BGquF5Iko1VXd3v8AM-vKiridOoBQQXuKgIF1X_UaJA_AUH1ZqCCQyhywvfGgpM0GWivf8WDe0-mIcaqOFzJTMpwCtIMXfrnmUM5jBm9AFdtc-uyuENWzGtbkzcMxoW4x7JfLO_mD0G4Wui5887j8xoIYRE7ifxtTPhe1bCt76qEWJl6yrJ3YvPDF-08gxpDT255J-Zih1IW4byzmQKNoEqdtwOe_NXfvMFnI3aUdT7QMDOr_VhzfzWmYLxOdcLtxcRjjBy5W_7ZOc6tjga9b-c1fDCW5mZHilaKEBaRD1X_3btMMOYGm3od8keJv_bPKqziZ1eRpIcajJ4tutPRJpgSTCZ7gBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=ekLjfPw2h3Y&uach_m=[UACH]&cid=CAQSOwBpAlJWWSaXBgIOE6mt6SHg4_o83oYNGZS9Voh10bCb9YZJdCKmMDv9P75CST_dai9U3ogHczKuIwuqGAE&cbvp=2&vis=1
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 4209 0
531 B 16ms
16ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLyBuhyAwAAAwDWAAUBCKOH2KcGEL6T17uVjILKRBgAKjYJIiXhGitJyT8RDzv-K_mGyD8ZAAAAwB6F8z8hDw0SACkRJNAxAAAAgOtRyD8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiB9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA4UDCq8CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YmQzZTljYy0wN2RkLTQxMGMtOWU0NC01ZGM3NzYxZThhODEmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0OTQxNTgzOTA1MzA0NDYzODA2IgkzODE4NDY3MTQqBCFM8JU6JFUyaHZjSEJwYm1kQlpDTXhOREEzTnpjMU9USTRNRFF3TnpNesAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXQsfGb0NbS3CTABQDJBQAAAAAAAPA_0gUJCQAAAAABD3DYBQHgBQHwBfjSGfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4H0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=56e991326819bbe1679d395012e54208fe1e6ce2&pp=ZPYDowAHI7UKe6COAABXeMSxBb0X1GeaAS5Tjg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV5t8owP2ZLXHHI7B7gP4roGQA9Lg1-Buj6S2k5MKwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCeACAKgDAcgDAqoEvgJP0PGnxdJUkLgkpZlNDGfu_ICxYJjOTi8hdolIzM91bIDBQx7osuULEoucPom7Lp3CIbOa9R8BGquF5Iko1VXd3v8AM-vKiridOoBQQXuKgIF1X_UaJA_AUH1ZqCCQyhywvfGgpM0GWivf8WDe0-mIcaqOFzJTMpwCtIMXfrnmUM5jBm9AFdtc-uyuENWzGtbkzcMxoW4x7JfLO_mD0G4Wui5887j8xoIYRE7ifxtTPhe1bCt76qEWJl6yrJ3YvPDF-08gxpDT255J-Zih1IW4byzmQKNoEqdtwOe_NXfvMFnI3aUdT7QMDOr_VhzfzWmYLxOdcLtxcRjjBy5W_7ZOc6tjga9b-c1fDCW5mZHilaKEBaRDl33W_BGow-wyJPPJD7vrS7fpobyQ-_ywg0D6ozfunthRZoVxZAodJDTgBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LsIxl60HFmh6kA8UMctCoxfnvRg%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 599e91b0-8aef-4c11-9df9-84707c033cd5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A529 0
0 66ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C35YuowP2ZP_-HZqD1PIP4KyPoAvS4Nfgbo-ktpOTCsCNtwEQASAAYJEEggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBMICT9Ak-ZFxyjLbLdjiICngrDDrUctq5n9Eq_8WrXPdBXQYDtWgc3e-CN7kdAxHO8b45lP50Xhi2khqJSbrcucHp3Eh8UZN8bIJY6j6_Spe6UI5MR45yrPqUTZox4iXLtwg9dZmBpmE1aAX-6MBpvc11l1HaCMY6QNdsfyt5vp0nhTlVAEytbSMGDqvV1r9Hs3Y9r_vdbDqpDo_7aPSD_6SQf7JyGmARCt3UgfgZVNu8k3VMXxvzlb_7rr85IYfklNKcVUX0Q8_XbmkKiR4XuAR6mEazO1qfxbkGWI2o6kq68rLHkrfXGhF9nBAOFMWaCDRsI_fMKw_-ZFZdJf-O3aVICMam_drH3DGgbBpIyztdfbQ_YtopdiO_v0BDbcI14AWEb6_C_rDBGy-TsMZffn8p0N7QIYxVIgYReEmGh2uN77a7OAEAYAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=vnfg4yM3szQ&uach_m=[UACH]&cid=CAQSOwBpAlJWeSQD80HlvXqe3lYM2IWG2Ec5XfOJf3us-m9ndgHzpmgiWnGJE0qtt0Vn3pchzMdGdiUqgMhBGAE&cbvp=2&vis=1
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame A529 0
532 B 15ms
14ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLxBuhxAwAAAwDWAAUBCKOH2KcGEJmT-4vy7OedWxgAKjYJbYZTsAA1yD8Rg8dGtRd7xz8ZAAAA4HoU8j8hgw0SACkRJNAxAAAAQOF61D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjB8QWAAQGKAQNVU0SSAQEG8F6YAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgODAwqZAi4wAPBpYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjNkNTRiMTYtNGZiYi00NzQxLTk3YWYtNmFjZmUwNjU0N2RlJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfQqAXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2NTc0MDIzMzQ2MzY5Nzc2MDI1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56TTRNRFV3TWpRMk9UWXpNakVqTWpNeU5UWXdORFV6TVRrMU1ETTNNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZXsiYj8h-mYD8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPmYvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDQkuJgAM2gcGCAkvmAcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=8e9df86168cc755baa94822d3d3726cc7f511959&pp=ZPYDowAHf38IVQGaAAPWYFVBe_RVhstgIHDAxg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeSjVowP2ZP_-HZqD1PIP4KyPoAvS4Nfgbo-ktpOTCsCNtwEQASAAYJEEggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBMUCT9Ak-ZFxyjLbLdjiICngrDDrUctq5n9Eq_8WrXPdBXQYDtWgc3e-CN7kdAxHO8b45lP50Xhi2khqJSbrcucHp3Eh8UZN8bIJY6j6_Spe6UI5MR45yrPqUTZox4iXLtwg9dZmBpmE1aAX-6MBpvc11l1HaCMY6QNdsfyt5vp0nhTlVAEytbSMGDqvV1r9Hs3Y9r_vdbDqpDo_7aPSD_6SQf7JyGmARCt3UgfgZVNu8k3VMXxvzlb_7rr85IYfklNKcVUX0Q8_XbmkKiR4XuAR6mEazO1qfxbkGWI2o6kq68rLHkrfXGhF9nBAOFMWaCDRsI_fMKw_-ZFZdJf-O3aVICMam_drH3DGgbBpIyztdfbQ_YtopdiO_v0BDbdK1aGE0xpFZm45cNkgF0evedr2I0pVWF-T0tGc-WEMNgVutly3ePVtK-AEAYAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ByMlB1XPh1NPyywS5Ns388_lysQ%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
an-x-request-uuid: 37dbb399-a79f-46af-94cc-97f858d47559
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 1F50 2 KB
854 B 27ms
27ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 1F50 2 KB
854 B 22ms
22ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1E0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlBZRHBBQUtrTjZyaGdCVg==&google_gid=CAESEIiRandhAc4DVdq49JuLUfI&google_cver=1&google_push=AXcoOmQzz_6T8S8NSNFDu-RevhumFh9ydc...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlBZRHBBQUtrTjZyaGdCVg==&google_gid=CAESEIiRandhAc4DVdq49JuLUfI&google_cver=1&google_push=AXcoOmQzz_6T8S8NSNFDu-RevhumFh9ydcEIm3ERADXK4BMoS00Znp3RORPU4-ovaCHMJN8Hno7PShjm4kfoWOB6vXVday5Otw

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21080-AMS
pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1693844388.288312,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlBZRHBBQUtrTjZyaGdCVg==&google_gid=CAESEIiRandhAc4DVdq49JuLUfI&google_cver=1&google_push=AXcoOmQzz_6T8S8NSNFDu-RevhumFh9ydcEIm3ERADXK4BMoS00Znp3RORPU4-ovaCHMJN8Hno7PShjm4kfoWOB6vXVday5Otw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1E0
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEF0PdlrG9Lk1eo6V93pa3eI&google_cver=1&google_push=AXcoOmQ8c6GSVdF-ibPXjZ-TvdIbbNGFEDyq5Cd1dGcJewkmP6YpeI3fW5ekSsz3SdMpVufOol9fTL1p5Ol4sJn_4ws0rPq0lhw
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823062131015

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823062131015

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823062131015
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1E0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGzq0QP6vcOgbSRQyFYrwbA&google_cver=1&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6n...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6nLIz1hg1-hA5o

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2G7zHkSwV1JRzMjxmmQKoF_Tkkg&google_push=AXcoOmTb3l9_vU1tgh3sfsTkt53wytxvQCTuWao3x6ZRW81cxzv06UDZI-K1KHS9watCXYyFWZCXS39HL6K9w6nLIz1hg1-hA5o
Date: Mon, 04 Sep 2023 16:19:48 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1E0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJHXOwvRTvU7agrii4akIXA&google_cver=1&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE01MzdRUTctRC02N0gz&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8GqCgZUvp57BY9leIAMjiJChs

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE01MzdRUTctRC02N0gz&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8GqCgZUvp57BY9leIAMjiJChs

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE01MzdRUTctRC02N0gz&google_push=AXcoOmT6XB9ZkTohPBMsWENUwEbqhU-HwbU9pWxf_MH_A4xv-OyCrdJsZhO6MMhiwHd7yf7MTX8GqCgZUvp57BY9leIAMjiJChs
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame E1E0 43 B
199 B 114ms
31ms Image
image/gif 52.50.158.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEKytol-V2ctCuGpl3XTVSgc&google_cver=1&google_push=AXcoOmS4gd9p74KT-kWKucm_yMG4R-yFNDzRPkhixhk2k4zsUxGIlxMwead6SzPnm5qBeyBAA0yWJOCs6AihbbQnb-fLDV1P7uE
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.50.158.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-158-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 16:19:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame E1E0
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENMZ1amGzgKCqG5nXWykOYE&google_cver=1&google_push=AXcoOmRNrnjtmdqKYPvNKJ0a5yYlNs8qZn9qvVfi9lwo7nYbZJvkR2kHKpXQiUOJ8vqm_Y7xMJBaKXm89vI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRNrnjtmdqKYPvNKJ0a5yYlNs8qZn9qvVfi9lwo7nYbZJvkR2kHKpXQiUOJ8vqm_Y7xMJBaKXm89vIFyqV_ZkoZI_tWYqJw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

22ms
21ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1E0
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_cver=1&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksos...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksos...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3&google_hm=UFc2eHNhanctY0dY...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3&google_hm=UFc2eHNhanctY0dYZ29aX25XUUg=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 16:19:48 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ1u8Z6R3ThCdS3T8CVUGLUXfefGIcpLROUPzjmuik7ItSpvLEf21GWutz_g9Q0alvQhksosFTZcDwaKuQ-rtdQdnCKG3C3&google_hm=UFc2eHNhanctY0dYZ29aX25XUUg=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E1E0 0
12 B 30ms
29ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jgjp36jVFsA6ASNXPemYMNs3AafyoJ3K8R-KReT5QCxy6d4WrBJY1SzRZmMeLctWqsyeeBPMw

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7462 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPYDowAMkzQK4CYSAABsefG3UC8XoWfcyGCTUw&u=%7CwCdKRJ90J4w8F1p6h3g4dPRNB5lsBbs0ioOxTQfumaU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkIo7pLyow73hi_eMU9p_SWhyC4jTcpcrONGvug9vhXrXbXNkanDX9C6l7IIAqT2M7jMtmsGyKueLy_QKr0uleDMzYWgPt3dFwkVrhp3IXjjqvjPVjGOiK5bjlAa2y5wC9yH-_W27WDpjGQRgpt0ZSWp7e_d5GnGONAra539Fd7ERbsAOqPTCpIm9Sp1ht-QQ28YSIhOUf7gXn6pFmExiXVkI93eqinqN6TFc-GUVpNqketBYLwS2ShyBmBzSq2q0dC32CLuLiGDHAwIDxmygwb4uzgrNwiHdi5A7J5Y7-9aRphe0S89uS-CK9dLHA3qdVJN6EuFNQoTfL43hrQbFGM_5v2tp8M9yjlDkqTCi4B6XEq4YiMn6flSFwIhtNaLmtrOh_LeYrKdBS6IoMPtKt3Fj96kckPjuPAJ9xiAr07LxUa03Fe5IT6Qgm6p3FKE6lTtwDAFa4wQr6XuDooHkqWU9VxWs0HfpSUgM-DcXUsp9oQZdj-_AJIcFfCzWBLBYyZZbUhbl5y3DG8tJMXplUtlz-geLxmugSPRmmBSTbjogGPRSL_sfwqv1zQguSNzhKpiQCc-wW_3nbIRKiAScfH0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3a4OowP2ZLSmMpLMgAf52IHQDMme0rFctZjj1pMBwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCVSY_dfEdsj7gAgCoAwHIAwKqBMUCT9AY-iclC9NygxCL89n6oa7MKOONomuzVzrSreEHORIeli-WczPlXmz5A8vxiPwdUSEE1Q0sCJYN4UKSwTWPjt_WV91W8je2iwiO2MlZHwW6nJxS4RcMqlFhgcCuURyFRiEwkUEZ9sNowi1xZmp0DDP_ODoNpAqi1GlxuEXAx9W0FTyk2YorUqIEPC1i4h4UxyWQPfbX63RsZcPzJ1YaORgeoRep-jUoF6hTjS0-EtlDlQz-M39eqGp6MKAgNsL3Hpi6Odx9_PdGhAx623IcF7XcdlpzB-RPhptaSU-7V8k0OFFQMd-dwtOCxGLMEMnsCgy3sYLvGlGJmRKdZTZKcvy33Kba0Y7eOY6Jj8r26yxQ3ZavtiJeWaSx3RWPYUsCj2nPwNoHe5XT6NtE9ZO3Vz4ysc3lD-Gklbsb8geab0qluRpCtuAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2B8kDrthvAMmNcqX7NQCLObSLeag%26client%3Dca-pub-3831894559014614%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 7462 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7462 308 B
636 B 25ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7462 293 B
621 B 23ms
22ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7462 43 B
347 B 17ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=P8QjjAFGvcLLiRDRJGIWSx_oBYflVbGiyguiAyUw1sWv6aimZZRCzNCIdbKC8CMA9_jXYwb0HOQ_CB8re56K3xgG7ite_fmBzymYnQ1_HOIvg2vOkV11tXTeX6R-N4wwu0gP6z--nBb7mH4SedOWVl06qCay9ZC7nUNHNGRh8iGaTZlgGkr3-XXp2r6Fci4eKo-I6Xmptqwvqt1VnS15-rOMt-7XLF5Je9VClroItCoW22joezMouTt2E9S2Xjk_y-pgFkNLgYbOx9QWAaWHz9A2CLd1jDnFP8xVi-5MM--j8egeoFfc1j6EnVKVtjHNMFBUBWqpF5CaF2y0zJNrWuAtp9ll-iDu8SzdY0jNvCUzip0YSYd3tsOhrXUJ2gxV-azv9QUqK9VbbfaCIr6NO9NX_-iqPsa7kcM9rRnUzaYXyj4HOdMWZc30myuQrJmt7jskBuIwU1wGNEGecyh4BOCL3ts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2162233
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEGHIlr9Uy1MQ7RYHeH-9cU&google_cver=1&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQiJRaY4ZDua02KCw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F23D479F8146E6928D785344F7C7B7&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQ...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F23D479F8146E6928D785344F7C7B7&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQiJRaY4ZDua02KCw

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F23D479F8146E6928D785344F7C7B7&google_push=AXcoOmTuQOY8W6ohBBu534LK9fJ3_QxA07b6BXpheOyv4N4fYmufIVvMUoG1n4-btnyzq7l0_xofKVXMxWNeTCQiJRaY4ZDua02KCw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 16:19:48 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BD46 70 B
265 B 110ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPttOVnCeq07UZLlc_kLVJ8&google_cver=1&google_push=AXcoOmQOuNArQaG9hI-CnS9fS7lp0uUaj9ApEXhmiaXXlppuQkpnEtg4OiNiYTKS9Ikv1d5Wms4sxUxEprPnASDIoRHm6H2StG-Q
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEGM--OLrlSUQCzC3HJ3RxSY&google_cver=1&google_push=AXcoOmSPhoYx9MjOYaKNkBnLKE6A_0DWgk36xEbI0qIbsa67Zpq_DZNG5nIZQmWmtXXCbVqv_LKMfYU-vkymQNT8rL_fJw6ls_zL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDZEODhERkNGQjBBOTFGNg==

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDZEODhERkNGQjBBOTFGNg==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDZEODhERkNGQjBBOTFGNg==
date: Mon, 04 Sep 2023 16:19:48 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHvW5dDfI4ozNtF_BbyPgAI&google_cver=1&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnv...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHvW5dDfI4ozNtF_BbyPgAI&google_cver=1&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSTB5k97PEg_Yn7raijKJOgKzjFh850mcISMRDil-K2m-lOLddOxhzazEPlglhpqW27VW7FDZlIo5iitWbP4-4yWnvAb9CK8g
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Dvvi3AsQru0uglcHI-wGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Dvvi3AsQru0uglcHI-wGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR5lPoK5I1UW55wboTu5wU3it_FJU2R3JXEkTxpxEI_UcLUsHJOFqBRFW2_sN1162B9IjXOc0_0_jcJh1cp0ju64mQgMzzH9g

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Dvvi3AsQru0uglcHI-wGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR5lPoK5I1UW55wboTu5wU3it_FJU2R3JXEkTxpxEI_UcLUsHJOFqBRFW2_sN1162B9IjXOc0_0_jcJh1cp0ju64mQgMzzH9g
date: Mon, 04 Sep 2023 16:19:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_hm=ZPYDpCiaQtHv5hSIAr6k7wAADHIAAAAB&google_nid=index&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_hm=ZPYDpCiaQtHv5hSIAr6k7wAADHIAAAAB&google_nid=index&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-CeCbs8iTQPh8PpnPwWu0Rmooo3A4FJNN1lF74ts29mdIDTXOWeXJgFchXk8QgeuqA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 16:19:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrF4gT-VjwYGVY4PXsWnWI&google_hm=ZPYDpCiaQtHv5hSIAr6k7wAADHIAAAAB&google_nid=index&google_push=AXcoOmTkr_enad_Yizx855MCvdAUA29Hk0FZ-CeCbs8iTQPh8PpnPwWu0Rmooo3A4FJNN1lF74ts29mdIDTXOWeXJgFchXk8QgeuqA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD46
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOVYEuj58gUXTs-25VOxMxI&google_cver=1&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15H...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15HbleHafw3W0qujkmyOEgqVFQCw&google_hm=YUVHNFNpNkhaMW...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15HbleHafw3W0qujkmyOEgqVFQCw&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 16:19:48 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRA0ew1ZXasO_HWYkdMzJ_9xpvJx2M0LmARlHnO9kDXV0nIchlSv9-8GSH-DxBsEZCpnb15HbleHafw3W0qujkmyOEgqVFQCw&google_hm=YUVHNFNpNkhaMWtYUlhENjRGams=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 242
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD46 0
12 B 28ms
27ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJQdAbZ4paJT8WPnRaExJ7kk01xNfFHRhiD7GMQ8ytzkVGbt4r14P-7d75Yr5Vr6mbS1bQ1w

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF4D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENERlGVBKTGOO-voDmmZ5Ms&google_cver=1&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41Hw...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_j1oV81ZRZiNYA3WgzwCjA2&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41HwxulIhX5CzOg

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_j1oV81ZRZiNYA3WgzwCjA2&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41HwxulIhX5CzOg

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 16:19:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_j1oV81ZRZiNYA3WgzwCjA2&google_push=AXcoOmSOZPwmN4xq1KtfGfh5TyknxU-mPGrTfKBD9Y69EUl_DIUsswr8WhggUIP-Dogq7_wtJoCqfEWeoPPc41HwxulIhX5CzOg
x-host: tde-deliveryengine-production-684d5dc7fc-c2949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF4D
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMpY8vwo_7YN2L4IvYRxTLQ&google_cver=1&google_push=AXcoOmQfsA-RXQ_roKL5Ow71AUKklw3Rn3BAIHSACL3l26onvGhfPFs3csoG6FNBDUwkEG-xvvm6UjcgnvSS5D6CwyoHkxdb7xU
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823061997264

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823061997264

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=823061997264
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF4D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJjBNzMOr3sQUDCFan-R6mU&google_cver=1&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZFAW7I&google_hm=eS1tNnFEMnpCRTJwR0RubnF...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZFAW7I&google_hm=eS1tNnFEMnpCRTJwR0RubnF2QjJXdmxWRVlLQ09xMmYyX35B

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyqCYhZDJoDnU31dSQjC-yb2cK-LAs_vBbRTTa4g0G3TBWgcMbX0k1AQ6s7_RhLaOJHkqKoW6OWtIK1rJSjX6jMZFAW7I&google_hm=eS1tNnFEMnpCRTJwR0RubnF2QjJXdmxWRVlLQ09xMmYyX35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF4D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGEIWHW4-zLuMFi06xUfaBM&google_cver=1&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_Tsl...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGEIWHW4-zLuMFi06xUfaBM&google_cver=1&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_Tsl...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc&google_hm=HRATsGZHlufqNKKVQmWuod9X

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc&google_hm=HRATsGZHlufqNKKVQmWuod9X

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Sep 2023 16:19:48 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx7ZcvBmO0DiT6a7jOUhoxe8KZEypSIgK4Zb0__1Wh6oyyjCL3muEsJ_vuHyBXm6DoEM4nsDJ512Bat_TslNQTzS95gYc&google_hm=HRATsGZHlufqNKKVQmWuod9X
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame FF4D 0
44 B 741ms
243ms Image
text/plain 52.193.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEHt-obKF_7-XT0dc7kRhnHI&google_cver=1&google_push=AXcoOmQMqAdJdf8u6UY42zA0c95FeKQ75EUAN2f8hG4ZzIFxpMrdphNakf8XtZlZfP_iXSfCvhS1_zjiaprqWXGxMbU4QiMzdQ
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.101.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-101-23.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF4D
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOQrUQoGkvsN2sxy0ORtjpk&google_cver=1&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQr...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQrvzMMD&google_hm=MjI5MjMyODQ...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQrvzMMD&google_hm=MjI5MjMyODQ2NzgzNjAwMDI2Nw==

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRTr_-hfUH6YHMHAt6m0AVg44bi2WTIW-MtWKMVPzFImZzp87UyvuzLs9s6NXl8PfsbGjJ71TFRAmG5vQr2BOkjQQrvzMMD&google_hm=MjI5MjMyODQ2NzgzNjAwMDI2Nw==
Date: Mon, 04 Sep 2023 16:19:48 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame FF4D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEInb9I34Ix8CVjOLpGJgyvk&google_cver=1&google_push=AXcoOmRiNftLmt5fb5o287V0y2XOOQ3R8LPrQ357yWt2zx8vDZmjdO71FCJm7uFpbqTkkm7XrHW6i4tKb04...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiNftLmt5fb5o287V0y2XOOQ3R8LPrQ357yWt2zx8vDZmjdO71FCJm7uFpbqTkkm7XrHW6i4tKb04FDs91kL8qvknpc6M
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

23ms
22ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FF4D 0
12 B 31ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lm2TKAANogydhK3AG2hGaSbhZSZ5BAwkXtZldfFRg0gFTuW-nCCPDqvwdVuZjwMxlRElZxgzo

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7462 12 KB
5 KB 29ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2241027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiNFpoJozfAJYupP8qJymofCxm6uB55Td%2BL2ffg7a0ZfA3umPNLpLvznXLdsgLAA%2B78HqiaPjHvtbGh6PeKkY4oK5sbNf59Ov%2F2bjJUYRhbv8%2BVdLKPUFdZ1GFWl0DGFeyySPVIzKz9GzTQGVulFEWOu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80178e630fea92b3-FRA
expires: Sat, 24 Aug 2024 16:19:48 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7462 12 KB
6 KB 25ms
25ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 aa37032363e74ec0814ff4d14b7598a1_mediamarktbold.woff
static.criteo.net/design/dt/ Frame 7462 22 KB
22 KB 28ms
27ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/aa37032363e74ec0814ff4d14b7598a1_mediamarktbold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09c7021f40a4effdd66b1c5222be1a3637a90d273b6de4714dbbc59b160a325a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Jun 2021 09:06:41 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60bf3321-563c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff
static.criteo.net/design/dt/ Frame 7462 22 KB
22 KB 33ms
31ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdb9595cf3bdbb77721ab7eba69c98f3fb80dba16e804310c508e3a465d2dfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Jun 2021 09:06:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60bf3320-5860"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7462 39 KB
39 KB 17ms
14ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

804cabbee7a28d0c78604ee742bbd50c5dfdb7a7b18fd6bb408feeeb075c06f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 40099
expires: Sat, 03 Aug 2024 10:08:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7462 67 KB
67 KB 20ms
16ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fassets.mmsrg.com%2Fisr%2F166325%2Fc1%2F-%2FASSET_MMS_108378955%2Ffee_786_587_png&v=3&w=400&s=8TVNdWB99E49kNtgpkeJZTqs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ac0635bec474cfe15b78cee6caa0a1bae00da7904396fdeba8f75c754e1cd1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=259200
content-length: 68554
expires: Mon, 04 Sep 2023 23:23:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7462 31 KB
32 KB 21ms
20ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4640&q=80&r=0&u=https%3A%2F%2Fassets.mmsrg.com%2Fisr%2F166325%2Fc1%2F-%2FASSET_MMS_103524786%2Ffee_786_587_png&v=3&w=400&s=DNMSXa9U97GKRiAwXpanVWDG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b8f6a8161cd52f18246484f1ab849d5722e5e6c9e3e33801a173d15d5d13fd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=259200
content-length: 32250
expires: Wed, 06 Sep 2023 01:56:27 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7462 0
127 B 23ms
23ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=D2bKPwdhPF88eKm0O0fJrzmz7kbUAxL59hMNK2jK8fYM0Szc-toJ5nZ7zg1VOq8fLJNtRs_r2j_QmBsZ9ccU6i3OycFAl5ep9mjVUubikhprIxCnSL2OCWHeBmPx2yA79mT3j8q3l7VKYPlh5rE5V7QI5JKK_j_vXfQcPZy49y9oc6JtXwNZkgrx8p1w2lwknB4LKfVBuiN_DXjug8pIbot933fwWv-N87vZY2ekFvmwBv5gPhQW6lGsAEkYpncpmhkb7w&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7462 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 1F50 13 KB
13 KB 28ms
28ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e1-327c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
DATA 200
OK truncated
/ Frame 4A47 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a1bec0060ef040be4031eb9298598167d86bc12b79eef13dbc5fa546d493567

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8833 0
0 65ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf46bowP2ZP_TGcvg7gPbsKngCcme0rFcpfyT93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQJVJj918R2yPuACAKgDAcgDAqoEvAJP0KyN0optg2WyTVlnmTePmska1mklO0rJFtrcDdIZPcb8vBbNSY1S7pS7wCoJ4fMFMw9aESkbT4Fin_K1zpgqG9YwI1CPw0ivjlOoIP3Jbv7A-X0cylmF_cwqPuDTfx7mrnLXbLqRVaLIycPFPxA3N8OZ0EILUQ02-lG1dzh1IHm6ftpZklscFSTGIgywsoVp9s7ZMrMQXVjYhe24NAGv1Y3jnFa2MM5fvztPftTbbumN1_E1ErJEtN8SJGQ5DlUZBTSYdt-8TnI4CaKGcjXvl9erNe2KtccNvTnTfuc57U6kOIGEAHwZIqRl-7s5ANpbahw55gGHwsS-DmuoIHxotsUNudbzIi9TxkMi0rTTjDwp8AB-Ic6Y3pLhHpGXqSaoAHxANxOVaGtlYz9bY7Ifp3vVZpiJOHi0grAw4AQBgAaJ4azD186-4H-gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=QgTrNSsMnow&uach_m=[UACH]&cid=CAQSPABpAlJWglsRjbtc49SDTg4eDHK4pc2g-fnEpRn2tAfDF3j0LfOhiiXJhOm4NLWiS_-_qYymCen8so-lAxgB&cbvp=2&vis=1
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 8833 0
126 B 45ms
15ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIjzFrv5RIAImAKdg2ICAgAAAHobFO5qgn2yEKID9mRNC7efNx52J320AAASAAAKCkFRVUJBUUVCQVE&wp=ZPYDowAGaf8Ke7BLAApYWxQvUruLx85LvlOpYw&cbvp=2

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 206267
server: Kestrel
content-length: 0

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 1F50 13 KB
13 KB 27ms
27ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7462 2 KB
854 B 22ms
22ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7462 2 KB
854 B 23ms
23ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
125ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308300101&jk=4154827571813612&bg=!k5ClkN_NAAYHwnCgJ8I7ADQBe5WfOOmSrZ_wHreRB7NoGL6I_xzvOM2U1-Ir4bdZxc3GGYmU7o8OcrF4adr-Yb_S4AZ_AgAAALxSAAAABmgBBwoAU1JUe0MWprhcyY1E8qi3FBQs51ymKkhsLcXSUvb0sAakiKzFimoN73JXiGtG1uD3lfrioT1-FJ9TTewzv4nrSywyp4Ys1iEbw4QMUidYYYYJF48nmQLAPm1HWthz_m_hTw7s5HOmvES5NBwTlWCElzGATdBHlvOBtxuZOlS_LDlH-KWdnoZf2F1mjpY9siUkDT626YcXCgrpQoqpCPFbF8uRX-wTiDJ-8ubSjYb8CjVM56QaGl_6ttWBWMZwapyZlgvXNLW2Nz4e9EXU51p-GreLGDorPmi8v8qkbOVoWmEEAJGwZ_mOUeiRSKrUa7CJYOzKn7qZf_YTQqRiK8u1zKuzhC9G_prxnOSNcc6X5TAXivrlyVxm2jDGckfOyEFrntSlIhIJBHK7n6Ox8BfX85qV7SVs-GTbbjlGvsOfKsXs6fDW6zccDPRQwgkU7chAep279x5egUGE81jfqfIf9oWcEfelXfQiLjdxfYbJV4rlmIHOFL_y6THk3WUKbgC4SY271AsR8iBdwjJG6X30dOMadtxi7-V9MReic8_fb-OHnC2PGjS1nXqB-ucmbxQfgGXaww3jzpXeseMeP-l0-4S8gfodFIuKEffmwnr9FVMJ8Q4yJP9F83Lm89xi7nq3pAvAD5iO6OU76G4Wij4OT7DnLT04NTp7QOwMcT9aXRA4Efe2TZ1_QhlTUIDRCKli4145sCykr22hlzWXZQAaHIrk9ek_efyNhrXWZ4rYDTP-M355Lsv0ByqfYJY0GUM9SoHzT0lT1GQrpNJiLom8-fLQshwVev8M3hK2e3jSUba28LJJKE6WGQozGnTDLUyB07g-I8xLTjqc5fLy9RspntJavusaggzteDtmtSICLBGjJZoqPkIyxo1EE9OiIjChxaAbElG0wGVeBgNi41SQU1xA3zmaVMeLi4CDgrCyNRU_bhxBZfu0bQ6OlKp4xS799OF4Bsh16MMv-Lvr4IYoHMFfF8RfNZMPvENoE-b70WpC3l_fk7DcxM-kHKRaoufUb7UUOnmijs5mo9bhuv8SRP8_gyz3Bio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7462 13 KB
13 KB 28ms
28ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e1-327c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7462 13 KB
13 KB 25ms
25ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 16:19:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4A47 0
0 65ms
63ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnkKiowP2ZLSmMpLMgAf52IHQDMme0rFctZjj1pMBwI23ARABIABgkQSCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCVSY_dfEdsj7gAgCoAwHIAwKqBMICT9AY-iclC9NygxCL89n6oa7MKOONomuzVzrSreEHORIeli-WczPlXmz5A8vxiPwdUSEE1Q0sCJYN4UKSwTWPjt_WV91W8je2iwiO2MlZHwW6nJxS4RcMqlFhgcCuURyFRiEwkUEZ9sNowi1xZmp0DDP_ODoNpAqi1GlxuEXAx9W0FTyk2YorUqIEPC1i4h4UxyWQPfbX63RsZcPzJ1YaORgeoRep-jUoF6hTjS0-EtlDlQz-M39eqGp6MKAgNsL3Hpi6Odx9_PdGhAx623IcF7XcdlpzB-RPhptaSU-7V8k0OFFQMd-dwtOCxGLMEMnsCgy3sYLvGlGJmRKdZTZKcvy33Kba0Y7eOY6Jj8r26yxQ3ZavtiJeWaSx3RXNY2qQCOZT02WbbzYD1X28_Ie94TQcqU9Rx9wCZwQF3h8fxc62BuAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=nFWwKbJ6Hh8&uach_m=[UACH]&cid=CAQSOwBpAlJWD0nfIn08EFUGyFbzPdZYKH8Z6HdfMJ0NWwIk9HCaOUyVDFkEpAeeRu5Qa2PQLAIV8zqIfw0GGAE&cbvp=2&vis=1
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 4A47 0
126 B 73ms
22ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIjzFrv5RIAImAKdg2ICAgAAAHobFO5qgn2yEKMD9mTcPBx_Su3Ut3v3AAASAAAKCkFRVUJEd0VCRHc&wp=ZPYDowAMkzQK4CYSAABsefG3UC8XoWfcyGCTUw&cbvp=2

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:48 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 144000
server: Kestrel
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C52B 42 B
64 B 125ms
124ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9KU3AYssXUjMOVvzfPabpkG5x9t-yVMbUIWp7Y8wLusdLsn6cSwkUI7AZE4ej-cSwJw6oFouyVh6LPuusBv6FQTS9-H6xKyfYtwi8_5yEVCXtzxVr4rr_yrHY2bu5isRqiG3SVbUFWmdnytcLIC9ueG0H7zCsh5cwiQxCy7mZ&sai=AMfl-YQaQ5ibhPjD31WwA_zVp3uti-zcDsTTbs3aphoezo48HTgPOYvFp7EnfBS2i8cJQY-8TM8lh-au6TVjQ87Qh6l1L34YYc7OUgT7Qfj-OrJQbQorPVmK0qXkw2Cu3zKwkiZC0HrsAHtAkI_X&sig=Cg0ArKJSzKoe31woVay_EAE&cid=CAQSSwBpAlJW0s6nPumat4Vd5mQ3rX4TVHYPTr-yXE8hyGi6hMjpcZ8PAOWGNLkFZyofyXqA70Bzoh8kGRRUOt5OKzWeq87gtkNo35xiuRgB&id=ampim&o=288,611&d=1024,300&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=286&tls=1287&g=100&h=100&tt=1287&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:48 GMT
cf-cache-status: HIT
age: 861914
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e667d9c1db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:48 GMT
cf-cache-status: HIT
age: 861914
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e668d9d1db3-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 594 B
283 B 350ms
350ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=1741444535104608&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D68fc3a26cd51f37a%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MaQll9nldN4HJQR7qRyshjWl7sw0g&gpic=UID%3D00000c6f01009c77%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYanIQPEYfkAq5dzuqp4G-v5cft3g&abxe=1&dt=1693844388872&lmt=1693837188&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D27&adks=3111070440&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9e2cf6dd54df823a3bc17f854570e43991dc5be41ca95e5b5e6f82aa83fd90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8833 42 B
174 B 126ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX4NqAFCmeGa5wVoqKpNK6gzR3Fa-NcfjcJFdZp-u6FDQcQHflqO9EVnMjyevaP32uHrmsuPDJ409kGjFW653yzdtdwLp3-v2ZzY4&sig=Cg0ArKJSzINLTQDKLwyfEAE&id=lidar2&mcvt=1000&p=231,288,511,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=274265597&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693844387842&rpt=183&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4209
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b4636fa6-3276-495f-a882-ac7809cb52d8&bidId=5&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7bd3e9cc-07dd-410c-9e4...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0b249784abf34060a1abdae2c44a3cbe&tids=5&med=10

0
18 B

75ms
75ms

Image
text/plain

2a02:26f0:3100::1725:e252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0b249784abf34060a1abdae2c44a3cbe&tids=5&med=10
Protocol: H3
Server: 2a02:26f0:3100::1725:e252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C60EAF9EC5EB40E48F3393C4EEE4E1E6 Ref B: FRA31EDGE0811 Ref C: 2023-09-04T16:19:49Z
x-cdn-traceid: 0.4ee22517.1693844389.1d590205
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 04 Sep 2023 16:19:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FC2AB543860491DB29D44BF2954E216 Ref B: MIL30EDGE1120 Ref C: 2023-09-04T16:19:49Z
x-cdn-traceid: 0.4ee22517.1693844389.1d590174
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0b249784abf34060a1abdae2c44a3cbe&tids=5&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F50 0
127 B 23ms
22ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 16:19:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:49 GMT
cf-cache-status: HIT
age: 861915
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e68b9491db3-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:49 GMT
cf-cache-status: HIT
age: 861915
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e68b94d1db3-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 169 KB
49 KB 421ms
420ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4154827571813612&correlator=1336330334945554&eid=31077538%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cc80319cf-2567-4473-aa70-ede725041f47&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D68fc3a26cd51f37a%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MaQll9nldN4HJQR7qRyshjWl7sw0g&gpic=UID%3D00000c6f01009c77%3AT%3D1693844387%3ART%3D1693844387%3AS%3DALNI_MYanIQPEYfkAq5dzuqp4G-v5cft3g&abxe=1&dt=1693844389230&lmt=1693837189&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1833812719.1693844387&ga_sid=1693844387&ga_hid=752283535&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpun4h6YxSABSAghkEhkKCnB1YmNpZC5vcmcYjer4h6YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKbp-IemMUgAUgIIZBIXCghydGJob3VzZRjz6fiHpjFIAFICCGoSGQoKdWlkYXBpLmNvbRim6fiHpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOjq-IemMUgAUgIIag..&dlt=1693844386306&idt=649&prev_scp=ti%3D7a560758-ed98-4b81-97eb-99fa66b610c1%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D27&adks=3607019325&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027887d1c6ac00f52cbae80895283e00afa5b85e4be0c64a38d8a843c294a985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49762
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4209 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOvQZX2hCZDbESHM_Qg5KLEtKiqXHyrKS2-NZKkzPhB0c65NamH0BKfHLxqbNtA1bvaVSwHzjsNH3cRtM_q6PYQG2zLbIPyr69jz16&sig=Cg0ArKJSzK3UMYuKdwbbEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1544541167&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693844387733&rpt=506&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4209 0
581 B 14ms
14ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLyBuhyAwAAAwDWAAUBCKOH2KcGEL6T17uVjILKRBgAKjYJIiXhGitJyT8RDzv-K_mGyD8ZAAAAwB6F8z8hDw0SACkRJNAxAAAAgOtRyD8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiB9AWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIaaHR0cHM6Ly93d3cuZmlsZS11cGxvYWQuaW6AAwCIAwGQAwCYAwmgAwGqA4UDCq8CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YmQzZTljYy0wN2RkLTQxMGMtOWU0NC01ZGM3NzYxZThhODEmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0OTQxNTgzOTA1MzA0NDYzODA2IgkzODE4NDY3MTQqBCFM8JU6JFUyaHZjSEJwYm1kQlpDTXhOREEzTnpjMU9USTRNRFF3TnpNesAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXQsfGb0NbS3CTABQDJBQAAAAAAAPA_0gUJCQAAAAABD3DYBQHgBQHwBfjSGfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4H0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=56e991326819bbe1679d395012e54208fe1e6ce2&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=8542884871986559977&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
an-x-request-uuid: b9c76238-b958-434e-9da3-9d0e59a7c05d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame A529 0
581 B 15ms
15ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.file-upload.in&e=wqT_3QLxBuhxAwAAAwDWAAUBCKOH2KcGEJmT-4vy7OedWxgAKjYJbYZTsAA1yD8Rg8dGtRd7xz8ZAAAA4HoU8j8hgw0SACkRJNAxAAAAQOF61D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjB8QWAAQGKAQNVU0SSAQEG8F6YAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCGmh0dHBzOi8vd3d3LmZpbGUtdXBsb2FkLmlugAMAiAMBkAMAmAMJoAMBqgODAwqZAi4wAPBpYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjNkNTRiMTYtNGZiYi00NzQxLTk3YWYtNmFjZmUwNjU0N2RlJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfQqAXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2NTc0MDIzMzQ2MzY5Nzc2MDI1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56TTRNRFV3TWpRMk9UWXpNakVqTWpNeU5UWXdORFV6TVRrMU1ETTNNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZXsiYj8h-mYD8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPmYvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDQkuJgAM2gcGCAkvmAcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=8e9df86168cc755baa94822d3d3726cc7f511959&type=pv&jm=1140|1141|1003&px=0&py=0&bw=300&bh=158&sf=0.77&sid=8542884871986559977&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
an-x-request-uuid: 0b6f365c-8e22-47b1-aa50-bc532eef33cd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.72; 95.211.146.72; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E78 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:19:47 GMT
expires: Tue, 03 Sep 2024 16:19:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=file-upload.in_auto_interstitial_desktop&sy=b6f215d2-1492-417e-a920-bc6717de3e68&ts=27&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=7a560758-ed98-4b81-97eb-99fa66b610c1&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7DFGPQJZPFGVDJVRTSBED3Y
date: Mon, 04 Sep 2023 16:19:49 GMT
cf-cache-status: HIT
age: 861915
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "98faee0ae9354ee6af49f4606c4f9a60-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80178e6b8d7c1db3-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 6E78 4 KB
767 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 16:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 16:19:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B75 6 KB
779 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 15:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 16:19:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 8B75 2 KB
892 B 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 8B75 23 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 8B75 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 12:07:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 45F0 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 8B75 20 KB
8 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8B75 0
0 30ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaWW0f1dFxwPkt45vdpdoTeZb3oqzQA7STsnoyy84_frlOsrTf4C_RtHwSx4CDlqHs8b2GUq30GVHZMvryD6vyK6tIew
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B75 181 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:19:49 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 8B75 36 KB
15 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 21:27:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 02:09:09 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/ Frame 6E78 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 14:00:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E78 205 B
296 B 68ms
26ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 18:25:37 GMT
x-content-type-options: nosniff
age: 424452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Aug 2024 18:25:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E78 604 B
919 B 67ms
25ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:06:29 GMT
x-content-type-options: nosniff
age: 213200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Sep 2024 05:06:29 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 45F0 35 B
464 B 66ms
20ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPk0Ga5U_sSk6SkbbM8YRTg&google_cver=1&google_push=AXcoOmT93uCATX30ibqUtptVyYHTxw6vAle_QDw3S3M6n0lFvMq3nK-ZTxcOGKy-QZ6cHEgcQGyU7poCprVPTqG721gLDFkfD7Esuw

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 45F0 43 B
146 B 69ms
21ms Image
image/gif 18.159.70.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJzbu226kvYB5U02PW44IZw&google_cver=1&google_push=AXcoOmTLJJ9_DJZBSpYkYmPpVAu1NF6oa2k6ioZNkRUqNElEFupe2iR09CXHZCoCH6cqxWNMmGWJquptBhEM9deza1NNc9KtoT-cGQ
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.70.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-70-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45F0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENSOT6ULpHZl8yo_mCMf5Uw&google_cver=1&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENSOT6ULpHZl8yo_mCMf5Uw&google_cver=1&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzNjU1NTg3MDIwODA2MTM3Mg&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcD...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzNjU1NTg3MDIwODA2MTM3Mg&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp8vzK1gvMFCQO3Zcyt6asSA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzNjU1NTg3MDIwODA2MTM3Mg&google_push=AXcoOmTXvDttWjyq3xzhZ73Bp2fAYECwZl8RifXzb03OVrA0HJ-ekwva-Pd_3p7emLOAKrJbvcYOcDrp8vzK1gvMFCQO3Zcyt6asSA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 45F0 0
43 B 246ms
242ms Image
text/plain 52.193.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEHt-obKF_7-XT0dc7kRhnHI&google_cver=1&google_push=AXcoOmRluGLGyMw8y3anVsZwAkkA0NhJ8UsVVvb7Vv4fFyENedjOsACysVQ0MU8xVUAy4sOdbiIUEI4WoXBjvQd8vhZVyzIlSPrX
Requested by: Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.101.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-101-23.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame 45F0
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEInb9I34Ix8CVjOLpGJgyvk&google_cver=1&google_push=AXcoOmSZpJY31WwkvDLsQnJwdquECuCpATK_EzeyR2RhfVe4fWNnbrmdN8WrQWyR8t0x2am-kT1C27KvlhK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZpJY31WwkvDLsQnJwdquECuCpATK_EzeyR2RhfVe4fWNnbrmdN8WrQWyR8t0x2am-kT1C27KvlhKLR4MBYPaIZFK9qvZK6jY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

21ms
21ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 16:19:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 45F0 0
12 B 30ms
27ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYMwibnhLekSjF-I_lEVwPTwQu9tE5rVBsIoXn0ucU_vFUQap3FtY31Yij

Requested by

Host: 80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:19:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js Show response
pagead2.googlesyndication.com/bg/ Frame A21C 38 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/6d9hmgfexkiy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 21:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 21:56:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiUqiKI6ESHoSE050rmZJPazexQupUw0BPmvjiLCgBhYpkhQw11u4tBno-Iu-o4Q_D7-RrytmBWbn-mJZe3l8_0evad8CLexAw-ZYqEgHW3eV1Tci7qa2uMjqlXAM2noZm8k2WdNttY5lkWNY3746EtvJkfVgE9xi9x3FWJ9qIkjfvHtPJdlOIUowbrtY9P2qXVEcZkH4_MOOEm7RP57vyccpYC0hsgbEDTv3APSKmjD-dl_hB8oESC3M7D-M231PrYTajaljen8w-TgNoifrqm_VJPmoGXZ-piTz8AGefJKKTUEbJ8htULMQFt0P5jQSmotwtAUok5qlWfqGSuInfH6vnOHa6Ob2zhFjOtSOOmPKzhfe0oo-SDtgxwZVOESO9DR46ms2N7Zt6xOC_NuE&sai=AMfl-YSZPHSA9y4UMVH1fZd58iuwQGHZ90558jfL1sC724bCQEvU2uQRe1KENjSHVdjHKSZtSZhFBoYJ0NzHQwbFe3zlG8gQ2Usw_qHRsAyKOOQp1aR4de4DKI_rb_txSSp8wH2x9CPA7jfpSpldR9Uj&sig=Cg0ArKJSzK9_iITyB-n7EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss12_wZKxcx8Zjwd5nGNojmbRhng2rU5BqF6itH6yIWK6HYmDTduhFK6ao_A1rtkT9vLPxM3FHlCGwgYyvKTlJB7Hr1viJMb1Cosa3qpdTkJVLEVF0juBL7paIMxPwGlek3IB19JhY9AMWO6zmj2OaVQ5hjMBf_ZSlUNWRbCWPMg_RBjCokSZW37LtywUCLL392uDlGh2A0gw6RO0QLGOa7AFJIwgnnx3LXwhUapIW-dLcykzFmnmyfQguo1C24RpHvlIw8k6QzDPhuK5FYHNd6ld04YR45tFbWKF63adCPbi6KwsT-dIDMHXKmbFoWv31rV6wx0vitc79TskrB0UCJjG8_o3t3di57k67wKejH_qzT1XK6LZbkfJ2dZjGzalM1STVDwlp38b6HcKaptQ&sai=AMfl-YTxnvxRyYUZXQI9sdLG_tp7R119HertvfAT0K9d8TuP73kk62p1ULdhkq1aKdmKq5OMyRxmAuEHeQZld1k9u9SyH32bQ8QMdwAaGI8HIET3etRLFJInIUP39VhMVH7xJjm9XRFT5RDyWONZ8sg&sig=Cg0ArKJSzBzffjlT-uWSEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx30lk9cBmZGj9jk_ZVOAx7LdB5Xp3XoNHbwU621SSdIRCA7wjtHs_G5xcBYNUPBI6rUQOHa6cgduDCloUW5wchpT5vK8FuT54WsFTaI9Ootc5M4W7whQrwvy3Oa3rlCcQjzSjd6ClveGTR2_wBALiufVXiXvV2xoK8GoPMHFC2IulHmcIO3xtrIuhx4e3lx3Pj7lSIEjmeqo8RAW_ad_VrAw8pC1t8_QhOGPrfIYLARAJm7dSkdzpO186cp5IgNXwUg07TF04n6cmK5vhTMoVacikKgF9H-AcBe48nIbkc-0fYYWWD9JXqfYUP44wppVUgvpnIRCkrnLC3Je78RIzTijZpnm6-T7TJu3Og2hggAI3mCodI4F8EfLO_UxQCI9WCnLJK5NHiCNh5p5wzag&sai=AMfl-YRH7gWs5tyCE0DTiJmS-x1o6NteBoFNZOL0vnKpgEXllOOL1cTGS2KsPs89Os4jq1xzFhIdBRXzLWm6ZDwkiyEI-uik0IJo9O_KRcDm36uOF5ZIvGTXv2tv6zD924wyR1eI4MeQsEOOKCOxzec&sig=Cg0ArKJSzLDjWcGAK3LlEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHcYKxMRmsrmhS-YGrZyyLCeSRQl8kO8uqnkfloj3aaMq5kt8_llb2ZhVs2BDXDij3R__GDeHeuotBuovlgm13M7-ClMlzCT3o5DApfpmw54a2XyG5zdAeurC3YmguS5pHoUTrJaMJtqN7G5bRDIaDV6-KRp31DZc30B_W265G6ib4I4u0wdjGOGIQIsplIO-hhqgofStKK7JmPykqaEHDRXOUyKEbul_fM_-kaWAWKNTznQs_4OQ7lLW-9ByPTuSMbjHEmZ9fWsPPW5Pc305f4JRrwc4yBBWJ3dHybWEFUa0_oveJaiNheKyaFidINT451TmXMqcTy32rHehjGVyXXVstppS203bR1MUDUrtWh-chF1ZlHPwidQ-MRodWygxZq49IJNhUIuqgu3K5qkg&sai=AMfl-YQCS4NlIYVutfC3eq5_7cyMLvLBc6Cg2_1--8fnU4RxJwn-AFx0v8IcI_bbdtYPynuuN2ajFIawM0r97WKLU93Vn8DGw_yMA1heCMJGARXIyYNYuC5z02Mh47KcQNdRjp1pyrOo9DDXIFp7lbW-&sig=Cg0ArKJSzBTAxiDyWHOLEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_hcZeh9RtF1veBQBoKuF1vATTVwgZXijxv-6Vh65C7KiDrqcQoHh7JXlschdQBnr12L3fdTFDW3_l6MJm464XNSI-yZL-ZA6sfido9uVQvcNGbbxgRd2yKGReulXx7ImHx647vldS1-qt8P2rsPF5cOyZHzdqxpEtQyXwWvXT5g6mtgmKOHNvhbchy3Ch-5ZDnAYB7zyVD_wJtwQeJl2IjMA95dVE7vWCopL6X4IQQq_6bRLsPzPURSMdAx9z9X8KG6t0joRgHkmweiz1yiVRD_bdthbKbo-9XH9aAcz0Ov7tY5_I9YHHvIQ8z120BZAXPNmgzRfjTw63MfwEcn0qAVzVGu7r9hdnOTxN4ZHGwUCps0u9GZsiNCcXyH2-iAMVG4MWvQKuOlICRkMYkg&sai=AMfl-YSmHCpWIdSsWLsdVCp0E6BVyIE-FWUdIs7ZfQxmn_GOUquM-b74Pi1smmww29nt8qlZjGkKoCM0gAMnZcaaB5WmUebto8FrdDay528mkB9Ox4MQgQOpYABfufIaOMU&sig=Cg0ArKJSzIgfr4-QLMG8EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEISQ-kheCsmMTgmXp90N8Tw&google_cver=1&google_push=AXcoOmRZKvC9TuI9b_gUhaPQxaICZbuD8XmZ4rvki1GslSQ5eBAIZ-IkoClRF2mflHBwMobT5SbynmhVg5AAG1X5UUnasZOvpqE

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Mon Sep 04 2023 18:20:46 GMT+0200 (Central European Summer Time), path=/
live.demand.supply/	1970-01-21 00:06:44	Name: demandSupplyTi Value: 7a560758-ed98-4b81-97eb-99fa66b610c1
.demand.supply/	1970-01-20 14:30:46	Name: __cf_bm Value: vieGFmU0067w98vPwYxJwxTnC4W5rs6zO.D.mFrHRQE-1693844386-0-AXTbSg6Vf5pmnHLMttV2ResMcAsE54fy1+0e8UFAdltJ67a5ZuwJ1u4NxphqGvCspBtPsv5eB9Zr59SN1Y1i/3c=
.file-upload.in/	1970-01-21 00:06:44	Name: _ga_3T7TKCZCC9 Value: GS1.1.1693844386.1.0.1693844386.0.0.0
.file-upload.in/	1970-01-21 00:06:44	Name: _ga Value: GA1.2.1833812719.1693844387
.file-upload.in/	1970-01-20 14:32:10	Name: _gid Value: GA1.2.1365500549.1693844387
.file-upload.in/	1970-01-20 14:30:44	Name: _gat_gtag_UA_119779859_1 Value: 1
.file-upload.in/	1970-01-20 14:30:44	Name: lotame_domain_check Value: file-upload.in
.criteo.com/	1970-01-20 23:52:20	Name: uid Value: d001abb3-d068-4e9b-acd6-a4de9bc52624
.file-upload.in/	1970-01-20 23:52:20	Name: cto_bundle Value: Q1bHH19HYW5aQmJnQUxTckpMRU9jcG5Xd3VhVjNnaEJBUVlMWWZDeDl3YmxoV1AxbEUlMkJkV3ZaSzNYbEIlMkZhUElMNyUyQmx6b2NHb2RFQmdrUiUyQmZuN0hHJTJGQWd0VFJLbWp5SURVaDBnc3liQzNsemdPY3pVZ1VJZk9UWWRoQkdyR3NHbVoxdFF1YzBKcmsxTHhlcDFUbzVYNEZTbllRJTNEJTNE
.doubleclick.net/	1970-01-20 23:52:20	Name: IDE Value: AHWqTUkfagtAE749l3N278SHcg0w99Ch6ALZ6R6bH_zewDuAXmPCbjD1sCaz24sDwP4
.blismedia.com/	1970-01-20 23:16:24	Name: b Value: 64F603A3E0E94100A2261674BLIS
.ctnsnet.com/	1970-01-20 23:16:20	Name: cid_a526b568a6dd4afaa62ad0ad6fb5a32c Value: 1
.ctnsnet.com/	1970-01-20 23:16:20	Name: gid_CAESEE4mvBfHwqK1JXVA5yX2aBo Value: 1
.bing.com/	1970-01-20 23:52:20	Name: MUID Value: 1A843450E20E6FB9088927D2E3766ED1
.adsby.bidtheatre.com/	1970-01-20 14:40:49	Name: __kuid Value: 91d23d7b-289b-4f25-8d91-7a626b909f56.463058388
.everesttech.net/	1970-01-20 23:16:20	Name: everest_g_v2 Value: g_surferid~ZPYDpAAKkN6rhgBV
sync.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id Value: s%3A0-d86ef31e-44b0-5752-51cc-c8f19a640aa0.R1I4Uu3TMH3oVU4pogCC1lcKnZVJxrlJioNiHsXFMII
.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id Value: s%3A0-d86ef31e-44b0-5752-51cc-c8f19a640aa0.R1I4Uu3TMH3oVU4pogCC1lcKnZVJxrlJioNiHsXFMII
sync.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id-v2 Value: s%3A2G7zHkSwV1JRzMjxmmQKoF_Tkkg.Kg%2BOQai3d6vARiUQpVHsNcr6ROuShzkFF88KHyw3otA
.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id-v2 Value: s%3A2G7zHkSwV1JRzMjxmmQKoF_Tkkg.Kg%2BOQai3d6vARiUQpVHsNcr6ROuShzkFF88KHyw3otA
.acuityplatform.com/	1970-01-20 23:16:20	Name: auid Value: 823061997264
.acuityplatform.com/	1970-01-20 23:16:20	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRRgfY0+wmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUYH2NPsI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTXBZOHZ3b183WU4yTDRJdllSeFRMUfv7hnZlcnNpb27C+w=="
.travelaudience.com/	1970-01-21 00:00:58	Name: _tracker Value: %7B%22UUID%22%3A%22FE3D6857-CD59-4598-8D60-0DD6833C028C%22%7D
.pubmatic.com/	1970-01-20 14:32:10	Name: KTPCACOOKIE Value: YES
.simpli.fi/	1970-01-20 23:17:46	Name: suid Value: 19F23D479F8146E6928D785344F7C7B7
.rfihub.com/	1970-01-20 23:52:20	Name: rud Value: H4sIAAAAAAAA_-MSNjKyNDI2sjAxM7cwNjMwMDAyMxfiM9R1CwuuyvczDawq8woAAKmDJhslAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjKyNDI2sjAxM7cwNjMwMDAyMxfiM9R1CwuuyvczDawq8woAAKmDJhslAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Q8sCg3Md88uK_YzKq6oNPAPKskqyAYAwiqLkB4AAAA
.rfihub.com/	1970-01-20 23:52:20	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Q8sCg3Md88uK_YzKq6oNPAPKskqyA7iNTSzNLYwMTG2sDA2M3vFiMoHAIkFx1Q9AAAA
.lijit.com/	1970-01-20 23:16:20	Name: ljt_reader Value: HRATsGZHlufqNKKVQmWuod9X
.casalemedia.com/	1970-01-20 23:16:20	Name: CMID Value: ZPYDpCiaQtHv5hSIAr6k7wAA
.casalemedia.com/	1970-01-20 16:40:20	Name: CMPS Value: 3186
.casalemedia.com/	1970-01-20 16:40:20	Name: CMPRO Value: 3186
.yahoo.com/	1970-01-20 23:16:41	Name: A3 Value: d=AQABBKQD9mQCECuiIXXXThobKJFXY-S8BPUFEgEBAQFV92T_ZAAAAAAA_eMAAA&S=AQAAArWu_rfwnfxPbSgrdS5g3gE
.de17a.com/	1970-01-20 23:09:08	Name: guid Value: 1.3009978579642821441
sync.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id-v3 Value: s%3AAQAKID7kjXLpTOPTvQocTK_kfDeVVfCMq6A7rc7OWeKTf1RkEHwYBCCkh9inBjABOgRDMKv5QgS6g9RD.DH1wPaQYUafI3SpO%2Bgg7IKJuYGtcomOOZ%2FdLEaK34fc
.srv.stackadapt.com/	1970-01-20 23:16:20	Name: sa-user-id-v3 Value: s%3AAQAKID7kjXLpTOPTvQocTK_kfDeVVfCMq6A7rc7OWeKTf1RkEHwYBCCkh9inBjABOgRDMKv5QgS6g9RD.DH1wPaQYUafI3SpO%2Bgg7IKJuYGtcomOOZ%2FdLEaK34fc
.pubmatic.com/	1970-01-20 23:16:20	Name: KADUSERCOOKIE Value: D83BEF8B-702C-42BB-B4BA-095C1C8FB01A
fksnk.com/	1970-01-20 14:40:49	Name: AWSALBCORS Value: iIJByWe4Hy6QPWQXqcWRoCVOB3rCuQ0fJ580NLd/sNs0Jz5jGaUJsLI4kVwBl5RrRtDdvEl/2cgP1ukUwNxfjIhPHVkuWuOaloyZVXgld7aeQyWOhhFVqpFHY/2I
.fksnk.com/	1970-01-20 16:40:20	Name: f_001 Value: 46D88DFCFB0A91F6
.fksnk.com/	1970-01-20 14:32:10	Name: g_001 Value: 1
.zemanta.com/	1970-01-20 23:16:20	Name: zuid Value: PW6xsajw-cGXgoZ_nWQH
.doubleclick.net/	1970-01-20 14:30:45	Name: test_cookie Value: CheckForPermission
.file-upload.in/	1970-01-20 23:52:20	Name: __gads Value: ID=68fc3a26cd51f37a:T=1693844387:RT=1693844387:S=ALNI_MaQll9nldN4HJQR7qRyshjWl7sw0g
.file-upload.in/	1970-01-20 23:52:20	Name: __gpi Value: UID=00000c6f01009c77:T=1693844387:RT=1693844387:S=ALNI_MYanIQPEYfkAq5dzuqp4G-v5cft3g
.quantserve.com/	1970-01-20 16:40:20	Name: d Value: EF4BCQHvKYEA
.quantserve.com/	1970-01-21 00:00:58	Name: mc Value: 64f603a5-c4979-2d24a-d3c24
.adform.net/	1970-01-20 15:13:56	Name: C Value: 1
.adform.net/	1970-01-20 15:57:08	Name: uid Value: 7836555870208061372

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/(Line 998) Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEISQ-kheCsmMTgmXp90N8Tw&google_cver=1&google_push=AXcoOmRZKvC9TuI9b_gUhaPQxaICZbuD8XmZ4rvki1GslSQ5eBAIZ-IkoClRF2mflHBwMobT5SbynmhVg5AAG1X5UUnasZOvpqE Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80ffac7233699f4a27fb44bb807b7014.safeframe.googlesyndication.com
a.rfihub.com
ads.eu.criteo.com
ads.travelaudience.com
adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.chocolateplatform.com
csm.eu.criteo.net
d5p.de17a.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.srv.stackadapt.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ums.acuityplatform.com
www.bing.com
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
certify-js.alexametrics.com
cs.chocolateplatform.com
securepubads.g.doubleclick.net
www.file-upload.org
www.googletagservices.com
142.250.186.66
151.101.66.49
151.139.128.10
154.59.122.79
162.19.138.118
178.250.1.6
178.250.7.13
18.159.70.92
18.200.64.186
18.66.97.109
185.64.190.78
185.80.39.216
185.89.210.20
188.114.97.3
193.0.160.130
2001:4860:4802:32::36
213.155.156.168
216.52.2.86
23.35.236.188
2600:9000:2250:4800:a:e047:753:6381
2606:4700:10::6816:3556
2606:4700:3036::ac43:b1f7
2606:4700::6810:5514
2606:4700::6810:8616
2606:4700::6811:190e
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:46::44
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::c
2a02:2638:d::d
2a02:26f0:3100::1725:e252
2a03:2880:f083:9:face:b00c:0:3
2a05:d018:d29:3601:94c2:7e1f:39b:9367
2a06:98c1:3120::3
34.96.105.8
34.96.70.87
35.170.131.1
35.186.193.173
35.190.0.66
35.204.158.49
35.71.131.137
37.157.4.29
51.89.9.251
52.193.101.23
52.50.158.128
54.158.152.31
64.227.64.62
69.173.144.138
70.42.32.191
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
027887d1c6ac00f52cbae80895283e00afa5b85e4be0c64a38d8a843c294a985
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c7021f40a4effdd66b1c5222be1a3637a90d273b6de4714dbbc59b160a325a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13832b6d3fdc793e8b6698d3c1432c687df6a1bdf1e26f45305717cefa63a163
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2084991bd363820a4263dacc6f067da4ea4006155167891885b7580bfbb1ec2f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25f609de169962e8f7c05c317642024695cdb8c008102fdb3f746051dab52ea2
26f53181978b273915caf52ede12168abd6685f9e56acbc985ed2415cfd779d6
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e02fbfb65ee88f200c7b28cd74f885f11cf41b8e8e1eead461450286feaa506
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3420e9ab57278bfb0b1a80a3bfe0a68a2ba2c4c3b132f5dcc198a43674520a68
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38ee6973a2e4ac539dc83f1ad30a151d1919a09d4b90a5eee633cd181ad7f4d6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac0914fb73ca70b2d1cca1d9ff79ecddbc6a7913b341c05e813c217565b22dd
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3f1afcc5c70b28b373f47dcd88dfe777271d26151d0e39318f7cd43e47ab6438
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
40fc43257e8709cf4af946fc1e34247ff5ccc8ada6c1aafe2badaec7e3ce9cde
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48d1b1191eff911d5e5a46b7344aba56ba1beb9f8eaed74569298bca6c7264bb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
618b5e86a9dc62a69004957373c2bae28b24d46fd5041d44e7361a48e69d5b77
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6355fa7ae3a863b6f0978374dd3129f731232c8c49cfd0d44d842a83f87e147f
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
6686faeeb9de1a941140a5e7c39ae1a23573fe5c37e367e081f8e4a2e05b0607
6752a4d6923e2af9a2206286972be61747334b59614972b2c18c1a846eaa66ce
681b6b34ddb733dbaccac4afb318e80136ef5d7290b90b8aada19ea4577b6eaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d07cd9f2801c89883f1c7ac14e0025e298f87c88cadd5efb0f3d0cfee0456e6
6e311ecd5335d65568b85825ce67e615418246ed172a4e3974a633732833b09e
70971f55c8f2423139b522e586ed3c528642a890ecdd936b397927fd18f9a975
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a5dc4b64eefb51d23b142754bac5a24952ab8bbf39e6acd62f5dad7aeb255f
72a823a42a33d4c758fdce94803de9b8236aff578ed78a0caffed8c100733a02
758e0b86379b7bb1553c199ceb1737336d9a0b68d6a5371096eca35281672c6c
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7ad9da6738cedcf5e864d82e413c1e7a0a9f0c2139e743f65dc3a90a26df56c1
7b305c29eca3f235b7a8c389fde3dfbf8f1dfc07dbe911b1a567b5c79c6394ee
7d50be5db6e83fce072a358e3794ddcbf8123f4a67cc1031fe5c4f0cb5c54fef
7e4bb812659c05735c23314a2b26f9c113d45ca4a7bacd6580d6ed644a82b14a
7f25dd6992232b59446249206b7b02cc4b7eab2af7a5eb3a219636d60fb313fc
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804cabbee7a28d0c78604ee742bbd50c5dfdb7a7b18fd6bb408feeeb075c06f5
8279eac123e14c491caf41ddea33081964fb11a2a29e454946d10abae7ce7580
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87de6d9d59d9d93625af78e705b37a4a9846508d99178951014a7ff4c4a1eb55
89bba462c4880cf4a0e49696cc9d3b9e28052e57071ddc4924a4b25515301510
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
998ec01c442c3405433a2e47476e2d88a760a35e24c22923743cbffaf7aa2941
9a1bec0060ef040be4031eb9298598167d86bc12b79eef13dbc5fa546d493567
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aaa5d94ca0ee538588551b8a9f102e57f97669e5342dcbd137de286cb36a8ac5
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ac0635bec474cfe15b78cee6caa0a1bae00da7904396fdeba8f75c754e1cd1b0
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b24798520154a095933fe1beefd8739e3f95915e01a7bfaa2a2a77f5d24c3132
b375e1d04c525a762155ca22499e9ef9d31ae2a34bd149e395b3973f327a33e6
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7bd1c4afb6e56faa255b6126f10fd0e0b0964e489fc3a07476594e75b9783da
b8f6a8161cd52f18246484f1ab849d5722e5e6c9e3e33801a173d15d5d13fd63
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf0ccc519ab424b254ac49e7722d4c2550d4221829d67b04303e2164ebb5c8ba
c294ee784e6b0ad4889483e8a8780d608a67cda75181f092230ecb7bbfa50480
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cd0096a03ce7b65a9fe98056490e78e81717e85853fd8cb499b204450b17c5ef
cfac52f7959394631d55752a9e5f94a9f33f2178086f04c95ff45dda14db1d4b
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d9e2cf6dd54df823a3bc17f854570e43991dc5be41ca95e5b5e6f82aa83fd90c
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ac92b4357bb63adb38a8f43db7b3523838232140cdde9407b93aaf80fb0243
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f86dea02c0b2a7e3cdf955a4b405aa13418017931035c67197557617a42b6274
fdb9595cf3bdbb77721ab7eba69c98f3fb80dba16e804310c508e3a465d2dfcd
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.file-upload.in Open in urlscan Pro 2606:4700:3036::ac43:b1f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

84 %HTTPS

50 %IPv6

52 Domains

69 Subdomains

49 IPs

10 Countries

2792 kBTransfer

6848 kBSize

50 Cookies

32 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file-upload.in Open in urlscan Pro
2606:4700:3036::ac43:b1f7 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

84 %
HTTPS

50 %
IPv6

52
Domains

69
Subdomains

49
IPs

10
Countries

2792 kB
Transfer

6848 kB
Size

50
Cookies

281 HTTP transactions
7 data transactions