dropgalaxy.com Open in urlscan Pro
104.21.235.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dropgalaxy.com/drive/fjvt08bvu82x
Submission: On October 09 via api (October 9th 2023, 4:38:30 pm UTC) from US — Scanned from DE

Summary HTTP 236 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 66 IPs in 8 countries across 54 domains to perform 236 HTTP transactions. The main IP is 104.21.235.154, located in and belongs to CLOUDFLARENET, US. The main domain is dropgalaxy.com.
TLS certificate: Issued by GTS CA 1P5 on August 13th 2023. Valid for: 3 months.

This is the only time dropgalaxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	104.21.235.154 104.21.235.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.67.146.39 172.67.146.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3030::6815:ab0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.10.176 104.21.10.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.141.71 172.67.141.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
2	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	195.181.170.19 195.181.170.19	60068 (CDN77 ^_^) (CDN77 ^_^)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
5	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:eb9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
2	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	172.217.18.22 172.217.18.22	15169 (GOOGLE) (GOOGLE)
1	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.20.9.31 104.20.9.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	52.209.147.201 52.209.147.201	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
9	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	54.39.128.162 54.39.128.162	16276 (OVH) (OVH)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
16	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 2	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	99.81.117.172 99.81.117.172	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.65 13.32.27.65	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.151.160 35.214.151.160	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	104.26.6.27 104.26.6.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.19.175.190 104.19.175.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
8 8	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	34.95.89.54 34.95.89.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	46.4.20.137 46.4.20.137	24940 (HETZNER-AS) (HETZNER-AS)
236	66

2 104.21.235.154 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dropgalaxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.146.39 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.isavetube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:ab0 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.isavetube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

assets-7pb.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rd.mobileoffers-dww-download.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adoto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.10.176 (None, )

ASN13335 (CLOUDFLARENET, US)

tmp.isavetube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.141.71 (United States)

ASN13335 (CLOUDFLARENET, US)

js.mobileoffers-ep-download.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.181.170.19 (Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 610407756.fra.cdn77.com

1437953666.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

mobileoffers-dq-download.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dropgalaxy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb9a (United States)

ASN13335 (CLOUDFLARENET, US)

dropgalaxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.22 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.9.31 (None, )

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.147.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adoto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.26.10.209 (None, )

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.215.202.140 (Amsterdam, Netherlands) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.117.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-117-172.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.151.160 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 160.151.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.27 (None, )

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.175.190 (None, )

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.166 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.200.5.215 (Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.89.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.20.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.137.20.4.46.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 ad.doubleclick.net — Cisco Umbrella Rank: 173	253 KB
31	googlesyndication.com e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	252 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 34439 ad4m.at — Cisco Umbrella Rank: 12024 assets.ad4m.at — Cisco Umbrella Rank: 44524	2 MB
24	pages.dev assets-7pb.pages.dev	276 KB
24	isavetube.com assets.isavetube.com tmp.isavetube.com — Cisco Umbrella Rank: 717993	488 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	219 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	985 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	15 KB
6	adoto.net adoto.net — Cisco Umbrella Rank: 448068	129 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	33 KB
5	dropgalaxy.com 1 redirects dropgalaxy.com	16 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 35458 static.a-ads.com — Cisco Umbrella Rank: 46836	1 MB
4	lead-alliance.net 4 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83080	1 KB
4	telefonica-partner.de 4 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82854	1 KB
4	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 206436 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 161993	8 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	228 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 dis.criteo.com — Cisco Umbrella Rank: 648	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919	673 B
3	mobileoffers-dww-download.com rd.mobileoffers-dww-download.com	382 B
3	gstatic.com fonts.gstatic.com	69 KB
3	cdn77.org 1437953666.rsc.cdn77.org — Cisco Umbrella Rank: 206482	14 KB
2	blau.de partner.blau.de — Cisco Umbrella Rank: 178172	3 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 93025	3 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 121204	805 B
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 18074	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	606 B
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	887 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12099 s4.histats.com — Cisco Umbrella Rank: 11973	5 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	mobileoffers-dq-download.com mobileoffers-dq-download.com	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	12 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1165	417 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 893	237 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 409	461 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	553 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2517	199 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2268	172 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50844	610 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	545 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	29 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	dropgalaxy.co dropgalaxy.co
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
1	mobileoffers-ep-download.com js.mobileoffers-ep-download.com — Cisco Umbrella Rank: 576607	23 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	29 KB
236	54

	Domain	Requested by
24	assets-7pb.pages.dev	dropgalaxy.com
23	assets.isavetube.com	dropgalaxy.com assets.isavetube.com
18	tpc.googlesyndication.com	dropgalaxy.com e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
16	securepubads.g.doubleclick.net	dropgalaxy.com securepubads.g.doubleclick.net 1437953666.rsc.cdn77.org e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
12	cm.g.doubleclick.net	1 redirects e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com dropgalaxy.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.google.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	ad.doubleclick.net	8 redirects
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com as.ad4m.at ad4m.at
7	www.youtube.com	dropgalaxy.com www.youtube.com
6	www.google.com	2 redirects www.youtube.com e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com tpc.googlesyndication.com
6	adoto.net	dropgalaxy.com adoto.net
5	dropgalaxy.com	1 redirects dropgalaxy.com static.cloudflareinsights.com
4	www.lead-alliance.net	4 redirects
4	www.telefonica-partner.de	4 redirects
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com dropgalaxy.com
3	www.googletagmanager.com	adoto.net www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	adoto.net www.google-analytics.com dropgalaxy.com
3	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	rd.mobileoffers-dww-download.com	js.mobileoffers-ep-download.com
3	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
3	1437953666.rsc.cdn77.org	dropgalaxy.com 1437953666.rsc.cdn77.org
2	static.a-ads.com	ad.a-ads.com
2	ad.a-ads.com	dropgalaxy.com
2	prod-rtb.ad4mat.net	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
2	partner.blau.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	www.conrad.de	as.ad4m.at
2	www.awin1.com	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	2 redirects
2	www.googletagservices.com	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	oajs.openx.net	1 redirects dropgalaxy.com
2	mobileoffers-dq-download.com	js.mobileoffers-ep-download.com
2	cdn.jsdelivr.net	dropgalaxy.com securepubads.g.doubleclick.net
1	csync.loopme.me	1 redirects
1	s.ad.smaato.net	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	match.360yield.com	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	tr.blismedia.com	e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s4.histats.com	s10.histats.com
1	id5-sync.com	cdn.id5-sync.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	s10.histats.com	adoto.net
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	dropgalaxy.co	dropgalaxy.com
1	static.cloudflareinsights.com	dropgalaxy.com
1	fonts.googleapis.com	dropgalaxy.com
1	js.mobileoffers-ep-download.com	dropgalaxy.com
1	tmp.isavetube.com	dropgalaxy.com
1	cdnjs.cloudflare.com	dropgalaxy.com
236	72

This site contains links to these domains. Also see Links.

Domain
www.momagic.com
shopkeys.co
dropgalaxy.docs.apiary.io
facebook.com
t.me
www.youtube.com

Subject Issuer	Validity	Valid
dropgalaxy.com GTS CA 1P5	`2023-08-13` - `2023-11-11`	3 months	crt.sh
assets.isavetube.com GTS CA 1P5	`2023-09-21` - `2023-12-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
assets-7pb.pages.dev GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
isavetube.com GTS CA 1P5	`2023-09-09` - `2023-12-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.cdn77.com R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.mobileoffers-dq-download.com GTS CA 1P5	`2023-09-12` - `2023-12-11`	3 months	crt.sh
mobileoffers-dww-download.com GTS CA 1P5	`2023-08-23` - `2023-11-21`	3 months	crt.sh
dropgalaxy.co GTS CA 1P5	`2023-09-22` - `2023-12-21`	3 months	crt.sh
adoto.net GTS CA 1P5	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://dropgalaxy.com/drive/fjvt08bvu82x
Frame ID: 96FA4E0AFC5E7A3BF8D54FCD73A060B4
Requests: 100 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
Frame ID: 04A946E499E3376539CB6AA3EAFFD1B3
Requests: 17 HTTP requests in this frame

Frame: https://dropgalaxy.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: C0E087AB83F8A16F5D0A35DC4624DAE6
Requests: 2 HTTP requests in this frame

Frame: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C82A4CBCFC903137BC4CAAF0D5AFFEC0
Requests: 1 HTTP requests in this frame

Frame: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service
Frame ID: F5531DC80847F74C7F2E9816B0AD26D8
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BFCD4D29601284B6EDC44DB6346B34F6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com
Frame ID: 7D95DFFC45C037D4CB07DBC687247A12
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 1E3DC39C592AB45F85EEFA9FF1EC0FB5
Requests: 12 HTTP requests in this frame

Frame: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 733533D6A38342CE95DB55401C624418
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D
Frame ID: 5633B7CA41DE7EAD01F8B884CDE2E859
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97E47F2B9FAA96150A05E2EDBC51711D
Requests: 9 HTTP requests in this frame

Frame: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F20FBA480DDF248AD498D4CF3F551967
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D
Frame ID: 32FCA882EEF88550D213CDA8F834515D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4C8A3A0FE3E8A7AD11EEEDB76F3AED05
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 959507D572B472907ECCC1D465441A5E
Requests: 15 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6D91637AB6F4AD121442870CE75CE0D5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 708E1FBC1FE996186BF9C9C8B60A3DB3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Frame ID: FD4807372AB04AD293432C6A88FD95CE
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Frame ID: 5155EAED47B95A49B7EF9058A44F7BC5
Requests: 11 HTTP requests in this frame

Frame: https://ad.a-ads.com/1640813?size=728x90
Frame ID: C828DC8B8369897B25030C842BF715A5
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1536089?size=300x250
Frame ID: 3B9BDF53370C8CC14E7A768A18307E98
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9476FA1433141A1189D97E9DB02C992
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B089E941F948E6E5B99C12D9BC45056B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DropGalaxy - Free file upload service

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

236
Requests

89 %
HTTPS

18 %
IPv6

54
Domains

72
Subdomains

66
IPs

8
Countries

6482 kB
Transfer

12274 kB
Size

50
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.momagic.com/
Title: Ads By

Search URL Search Domain Scan URL

URL: https://shopkeys.co/premium-key/dropgalaxy-com.html

Search URL Search Domain Scan URL

URL: https://dropgalaxy.docs.apiary.io/
Title: API

Search URL Search Domain Scan URL

URL: https://facebook.com/DropGalaxyCom

Search URL Search Domain Scan URL

URL: https://t.me/DropGalaxyAdmeen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCljIo9s4b_jepVVWaJwizDw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://dropgalaxy.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dropgalaxy.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 94

https://oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp&cc=1

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_cver=1&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vEbFKp1HBi029-ecPsveR9uYegMOwh3TrfCRP6VSZSAegQlCg HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=703b2528577f18e6&is_secure=true&networkId=14000&version=1&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_cver=1&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vEbFKp1HBi029-ecPsveR9uYegMOwh3TrfCRP6VSZSAegQlCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI1PkHT0QGSQNpnBGZAAAAAAA&expiration=1696955901&google_cver=1&is_secure=true&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vEbFKp1HBi029-ecPsveR9uYegMOwh3TrfCRP6VSZSAegQlCg

Request Chain 153

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDjf0ReRCYMTQZyYd_sg694&google_cver=1&google_push=AXcoOmSLKD35R9g4MSdf1jK3iH954vQfCHHMek3NBGJ8_ppHZY8WW2RJ3ec4HWnvUZflcXOssqalUVzyOmLzzQQBSVrXXOZJKrurWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDjf0ReRCYMTQZyYd_sg694&google_push=AXcoOmSLKD35R9g4MSdf1jK3iH954vQfCHHMek3NBGJ8_ppHZY8WW2RJ3ec4HWnvUZflcXOssqalUVzyOmLzzQQBSVrXXOZJKrurWg

Request Chain 154

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE6a_IG4RXHzZP_OkZV9ql0&google_cver=1&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VXOMD5OUtpG_IfLBJb3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VXOMD5OUtpG_IfLBJb3&google_hm=sqRU-TbzRDCYvjZWbicZyPE

Request Chain 156

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ9Im2hm7OWOZxufdWdiREDRuTDJnhiZ8MrBsgsgLTDzWf6UGh89_3mJrsmhnCnL6_WSOUAcWi6_Z8J8A77r2NywP67s0I2ng&google_gid=CAESECfxOjyTbiN8HFruJHvb-nE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YkUGvrxW01jBBlBMAg2I-4sShbzkJ1fmwNEXMg&google_push=AXcoOmQ9Im2hm7OWOZxufdWdiREDRuTDJnhiZ8MrBsgsgLTDzWf6UGh89_3mJrsmhnCnL6_WSOUAcWi6_Z8J8A77r2NywP67s0I2ng

Request Chain 158

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKc1d2pc7DCUhGHHxF12jzU&google_cver=1&google_push=AXcoOmQ-6Fam3rNUxGFK3FxQVvfFFyJpI2G6LfuLtxB5NlDG9TaNtaUHYDB2wECvj5JWUfUmxOX2EJa_mbvXNFtk0w4JgbrwV4l-vz0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWFhN2VlZmQtY2U4OS00ZGMyLTkyYzEtYTI5MzkxYjFiNDZj&google_push=AXcoOmQ-6Fam3rNUxGFK3FxQVvfFFyJpI2G6LfuLtxB5NlDG9TaNtaUHYDB2wECvj5JWUfUmxOX2EJa_mbvXNFtk0w4JgbrwV4l-vz0 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 162

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 163

https://ads.travelaudience.com/google_pixel?google_gid=CAESELhY0X2lPAwoZFheLHEjfzM&google_cver=1&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc-O6-TIaTka2I0w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TmIxadRQSbUgzbgMs-wbOw&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc-O6-TIaTka2I0w

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECB_Nsz1BhudQACOtrrvE9g&google_cver=1&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt9eNg_DwRGscT5Hv5dZ8V0Q HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECB_Nsz1BhudQACOtrrvE9g&google_cver=1&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt9eNg_DwRGscT5Hv5dZ8V0Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwOTg2MTI1MDYwNDk0NDA0&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt9eNg_DwRGscT5Hv5dZ8V0Q

Request Chain 165

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED8BZPQvUMZpmVAjqmOVgGo&google_cver=1&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2ksWZ_8QHj-zmaU9oHe1Us9g31- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNEFFVDMtMVMtRFFRRQ==&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2ksWZ_8QHj-zmaU9oHe1Us9g31-

Request Chain 166

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_cver=1&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i9zNbrhkG1I2NwcQmCUMiuGn4CFIYRBQNwR71Yz705FSX-e1Oy9vsaLjqHVVEB8T HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i9zNbrhkG1I2NwcQmCUMiuGn4CFIYRBQNwR71Yz705FSX-e1Oy9vsaLjqHVVEB8T&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_hm=ZSQsfTbiEEBncNcIFtd0WAAADGoAAAIB&google_nid=index&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i9zNbrhkG1I2NwcQmCUMiuGn4CFIYRBQNwR71Yz705FSX-e1Oy9vsaLjqHVVEB8T

Request Chain 168

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEC43mhU64QjHePZnXg7T6eU&google_cver=1&google_push=AXcoOmQJN8Ani0VW4jOdb8h8LIb8fp9oeH9BiCfgpUE0XcQCW8hQbJViVsI_PZpEeyyVEEYIez_DbTkE0LBSmdv16UWyp0NE6YfZiDU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=34c67ba6-8c64-47ad-bc75-67d422014280&google_cver=1&google_gid=CAESEC43mhU64QjHePZnXg7T6eU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQJN8Ani0VW4jOdb8h8LIb8fp9oeH9BiCfgpUE0XcQCW8hQbJViVsI_PZpEeyyVEEYIez_DbTkE0LBSmdv16UWyp0NE6YfZiDU&gdpr=${GDPR}

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4274bf20-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 201

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSakb-z6YEDFTaf_QcdiasNQQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 204

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJifkb-z6YEDFWpU5Qod91YOxg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023100918382289528962233X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

Request Chain 208

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4270c780-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 211

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMmfkb-z6YEDFULmEQgd9lcPAw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 214

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIekkb-z6YEDFdjTEQgdQ-YCSA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023100918382289528962231X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

236 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fjvt08bvu82x Show response
dropgalaxy.com/drive/ 51 KB
11 KB 1860ms
1494ms Document
text/html 104.21.235.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.154 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4932dcaa92cc7a166c55691c1196583f4e462d7f238c437c867f83ea3245d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 81380d8f48ed1976-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 16:38:17 GMT
expires: Sun, 08 Oct 2023 16:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVkLR0D63l6Yf556awDK30rPMJYKQ1ut031v0%2F5GccxANR%2BhGwbl1rORMDY1nAfow9LeH8%2Fw5AIIGee0XEAjEzzCr3hB03BSo%2Fd4ZJwdruez0AB2aUkCmqrix26Eo0AHRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 bootstrap.min.css
assets.isavetube.com/styles/ 140 KB
22 KB 442ms
60ms Stylesheet
text/css 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/bootstrap.min.css

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31a993713f10296a31c32b2e799298cb959ec222c77b85c267343b5eab60587

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"70120f4bd6941744afb2028c3ff076d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F27nsW4FavZXvDgYZxDLL2XVmXmuX%2FZTEs9b3%2BpmZJFELFLqNlKiL932n4L9b3VWDK0%2FTBfiueSM5Dy0XQoBarM4qOwKgZp7%2BVvPI5ZRXn9wQtcqddnU6tp8jpKtdwrE%2Bc3MjQWpe9Gxp60wB7sxTsH1lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b1cbc9048-FRA

GET
H2 200 white.min.css
assets.isavetube.com/styles/ 147 KB
26 KB 431ms
49ms Stylesheet
text/css 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/white.min.css

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3508a79c8ace34cd4829da2705c3be120405d7e5fca0b6b7438a61c67718780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6001
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0dd1c7caf4953f38ff708d661889ef7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOpWmedk%2BryHc0qzAehd9G3pBsFeM8EepAYwi8I6BpiT%2FLtjcdjLcaBwap1N%2BN8JrzTnSo5cL98uJ8psSxljIkUsj%2Fo7PR1sZf7AavNRCa7IZtGsTB1WRFa6LmoLUHIg5nLPAdo2yoK2X25a0qkJDGJ%2FEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b1cbe9048-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 367ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7592695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29363
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q61aH5P9EhqwGz6GseLwZNQBYvb6Xl6vxOnkI8uhw5r%2BRxzdtjWrBv%2FAQzckSlkXDRYXMnFIdGwdAPHyVbITLnNwOrt26FZVmLrjTPYMrUeFU0TCCg9Ug0sJiCBVV9kprq566EPG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81380d9ade419268-FRA
expires: Sat, 28 Sep 2024 16:38:18 GMT

GET
H2 200 jquery.paging.js Show response
assets.isavetube.com/js/ 19 KB
5 KB 446ms
68ms Script
application/javascript 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/js/jquery.paging.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daeece32317d302c7fb5847ef4d7a98129e192a1cdd102fd688056643ece3cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ce4a6d49c9523f70ccd41e13e6d15a5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJGPzITqbaEx%2Fsp9AIaz8rZHRm%2BMEC%2BFnEeJNElIcGzwp50e3W%2B%2FduCK1dk0BDkXGYftlFS0grdC9TmYvwwlYXaI6NGgRz2OgxxCe2BtN%2BMh%2FCLA686o6dCY46Aky%2B5%2BeLA4Y%2BBfEew7p5VyX6FVr2XQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b1cc09048-FRA

GET
H2 200 jquery.cookie.js Show response
assets.isavetube.com/js/ 2 KB
1 KB 445ms
67ms Script
application/javascript 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/js/jquery.cookie.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3993
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4b0cf13bb607d823d1ca73162aab5560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPtCFIjT91jEkqFIKimTTtMh1BTjPpqFTHW6vOI9EUXziykeoXqY3g5GwdIcoRXNRGxmarPN6t8Aq2SCsvPLko5grijPxJfW%2BZcme8LaVML7hxZ2jZMjL3j2lDmVEgoxL9AWf1SadSPigM4JJews0mG%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b1cc39048-FRA

GET
H2 200 paging.js Show response
assets.isavetube.com/js/ 4 KB
2 KB 447ms
69ms Script
application/javascript 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/js/paging.js?v=1130

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97b7a5b32d752b0507d1d7a731b6773743d7352c61bb108dfc5b926f282b3426

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"33afeb9bbe91e31d410cf64c912cab8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy%2BlGOeIaEnab%2FcOye2PHln5F%2BHxGZqp0hLl%2Ftxr2bIFj5IFbPPspqz0WxXlCbrt%2BZ6qWYwaBKhIWTUkPsvmxRnfREwVbCj0vWR6HPqwt0V1R1OTdLcifiphSLzPicdASIp1ebIQyNEsnufo9lbx2fa%2BVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b1cc29048-FRA

GET
H3 200 logoo.png
assets.isavetube.com/img/ 34 KB
34 KB 27ms
23ms Image
image/png 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.isavetube.com/img/logoo.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80e6b132b064f69a38b6f9738a70467e3495fac04f2d314d35fe78289630823

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7015
alt-svc: h3=":443"; ma=86400
content-length: 34606
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2890e8ac3c4d3c2086d4f5ddbeb49bc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VeysvNFdJElUULU3LeQml%2BOfXeejvqyd94arTkHTzxYwoPmLSRU3Syzo2jDE4EiA3rarqoHhPAkCQKqMsKQzWeJOfdAiWuQ4SMZdLaKzNwVWMfKvtDFVK2pgQ2NihmfjvRKuHqZg1xLV2lyD4wWz0kutQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c0d189034-FRA
priority: u=3,i

GET
H3 200 icon_cross_g.png
assets.isavetube.com/images/ 3 KB
4 KB 64ms
60ms Image
image/png 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.isavetube.com/images/icon_cross_g.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fecc3914781961baacac2abff3843449e9c7ac7d3bb93392cd905fe50a0fbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1559
alt-svc: h3=":443"; ma=86400
content-length: 3247
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cd708aeb20b9dfb4f8095e28539c22fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgp4Y%2FkbVv6CMkducTR5iei8Vkse0qDtvZsEifrmSLgK%2FVjM8SRABdkz6O0uqivC1e4aHEDdwOCbWCL3QjJ6rhWn%2FDE7iJPYCLXyPWlVPbxrYPKCoy4GPuLAxIm%2BbAkRjJ39TfhXU6oayvWQWMOOc1kEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c0d199034-FRA
priority: u=3,i

GET
H3 200 icon_tick_g.png
assets.isavetube.com/images/ 3 KB
4 KB 67ms
63ms Image
image/png 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.isavetube.com/images/icon_tick_g.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0b0bb40bd4f5c073401e115bb1814de3169498e65676e2c6c7d70fbd582f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6677
alt-svc: h3=":443"; ma=86400
content-length: 3199
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "1e7adde0094bf697630f728c4f88ac35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQAlp7H%2B9pGLb1aiNOtT70%2BAGJca54moaSbNFGopRw%2F%2F%2F%2F1iKGFRL9%2FGIyKKwhtelT%2FQBsLAKZUeee4LNOnvBzQdRMHyBIWbfS9nbYdkJSnqvTd5IJIhjnsFaqRm2uHQMmdsnollbtI3kdZi9JCwErcysA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c0d1a9034-FRA
priority: u=3,i

GET
H2 200 bootstrap-confirm.js Show response
assets-7pb.pages.dev/jss/ 3 KB
2 KB 420ms
64ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-7pb.pages.dev/jss/bootstrap-confirm.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a404d1edaa3b4ee222758754c0f3f8e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptc04%2FUnGqHGdWa%2F4O0ObtzfedJlI%2BPCya225vTsxCa45KIKZbLOayv%2Fq0vzeJNU6zbJGsIxbzYN7G4pxrMxq%2BOcRjKzDc%2FsRqII0mrRuNVPLzRKJtUcJVO9Ayn4GTFfECn%2B84yGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18bbbba7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 dialogs.js Show response
assets-7pb.pages.dev/jsss/ 2 KB
934 B 428ms
73ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-7pb.pages.dev/jsss/dialogs.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d48f891ae2d8a416ed716d2800ac08bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb2dfxppQHV88sNnQcPu4oI0i83Aw8pz5X3qVk7bQclDB%2BuFM%2Fm3Q%2B7I0vgXdebSTo1eeeKkLugqX0YVP8FBmEk9JzHr1oUDNmwByEhm2ZipZIr3cR0NpMG496DRuJn%2FSP2knumUhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18bcbba7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 inr-upi.jpg
assets-7pb.pages.dev/images/ 41 KB
41 KB 400ms
80ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/inr-upi.jpg

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67938c0bee8f5f87a8b47f5b244edf20bedc6d1efce0d4d0f343cfd3af53cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "30a6b2c24133aefaa26ef7de2507049a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5L9XCDVOMuohu3se62dx2ZJKRux5k%2FwfG5wlsm4R4gRCMWbZcdZoPxc%2Fiu9Dz9wQQT4UjmndaumN4nGM5vElDYZScDi8LfWxMS%2BKg2ijDoY0J1CelTNjPWmJBTWwJ60tNP1VpkJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18c0bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41719

GET
H2 200 payuBanrding.png
assets-7pb.pages.dev/images/ 7 KB
7 KB 390ms
71ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/payuBanrding.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93388d13732c2f9b165a9b248a7cb5dadb8bd4200112eb65b4add94aef33f887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d772dbd40e6bfd144f5f4fde702a8492"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHrKv0rPGFDj24ivuRgsgcBvu0XcaMDzt06vRgBBHLYBH9aTHlDseRFH6Ew2ZBks%2B%2FfJHEFq6%2BS4nNQ3Rx0xQd2uzKUkZuh0DYXAlmjYH3sr5iNkIq56vm9nx%2BaUK%2BQlg66dmqhGKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18c2bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6966

GET
H2 200 buy_btc.png
assets-7pb.pages.dev/images/ 12 KB
12 KB 398ms
79ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_btc.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c2afdd719180b3f0352e4457bf060b04ef78bd446441616d9f393bfe9f9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ab18755d8a315cab0d60b0c4112ae56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fle9sEv5gXmJXaYueYugEPF69WuK%2Fs6eOK7Z21O2Gic8gqusSaGB8MBAmjlttzT5o%2FyyeXEQKmkpcEWxE5xKckSsffAVTaTdAzKaHRoSinwPV4ELiyrOSluQLdmSUP3MoMAKJvuupw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18bebba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12186

GET
H2 200 buy_bch.png
assets-7pb.pages.dev/images/ 5 KB
5 KB 389ms
70ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_bch.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a6f4bf24284685eb406d549abb091deee1552baeafa46639ca08bf63625d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4ab95a48b862609cd9a91eb24c2a53cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX0KyX7e46T3aMoYOLAYQhnpC2SApuesesHIKerDm4j1msV7z%2FEMyOUwVIn82mFlB5p7OjFlXKRlfHJ3g7Z0jOzq42E1Z7SjNmunULoMYnootfCFQ77PYjFxztDHytGBV6figNDOZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e18c3bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5178

GET
H2 200 buy_ltc.png
assets-7pb.pages.dev/images/ 9 KB
10 KB 57ms
55ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_ltc.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8237c1024afc9b010ff81c2563a86c4a28d4c5486f9105aa2f06c4c5069e401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3831747fa3f9cf3ccab6058b944e02d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeNGg2ukpcaS9%2BYbpsg7jFu61c%2FgOSr%2BCBJe9Nd9i72DCOKUBMSO%2BxeaQKc%2BCSU%2BB09PaPe%2FpfBtptngnsU67MHzeRp6EjBk0XH6d%2FMCymVG%2BRMqg50NxLatZyb7mJ5vLabGKBtUjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e592ebba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9409

GET
H2 200 buy_eth.png
assets-7pb.pages.dev/images/ 1 KB
2 KB 56ms
54ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_eth.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe6abeb48711f23656d32822f8b2aedf5283c1d545bd4bcb31db12bb67d9087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fad1fb6ddc3dab507ff2e91038e542c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUKNRg0o0jmRWnT3a9%2FkDcIyRDegCE6VVhvFrVd3o%2F3Iajaq5%2FqYLZqZqLApFrB8XA04zWE%2FrVsTCotkzpUkjenybVd9u0SDBjBrHXioj5modUSRS%2BzDqdW1x%2BFF3J6pD9uyiMfe4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e5931bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1226

GET
H2 200 buy_cc1.png
assets-7pb.pages.dev/images/ 4 KB
5 KB 71ms
69ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_cc1.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faec35ffbb60f349f8961852f4c3f2ca495283c89fef601b685f44425244302e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dfb83b38780e6fd8031c5f7e1e902dbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COj1Ji3p6xx0hiTrwb3CAFRZhlx71W9%2Ftj7lw0%2FrF0AmTJm76oxv9HC6eKy486Tcf96SZqSrNXbtEitx3OX2gtMcQejeGrG3jwWki8odwjdpt9wqjqBdvvOcIidwV%2B9if6%2F69Q2GIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e5935bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4352

GET
H2 200 buy_perfectmoney.png
assets-7pb.pages.dev/images/ 10 KB
11 KB 58ms
57ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_perfectmoney.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4f2a373ade00acb3b86dcbe4ce3aa230919d7fe7d4cec13fa0c4c61e3493af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9188d8ab087a1fa6fc26c615b287bb45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Amwb4UgKFMtpvcC7E2LehaK5ZLem9hNx4WntiABhxTRjX6PeYAibX9Buod1ugXI5C80XiSSxt2%2BzZLhcSaZLaQoMOm1Kpf%2BG5XxDAceEGdC4ivMwcY%2Bo3NC%2B4vpkVtOv9F1eMPQdiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e5937bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10280

GET
H2 200 buy_webmoney.gif
assets-7pb.pages.dev/images/ 3 KB
4 KB 60ms
59ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_webmoney.gif

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d263b73bc8aa2c8febee7d5db0ecb0de3cc61d34730a11def32af99daacf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6a0fd592d4672c4b9123248cb245bc2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjQ%2BmNhSoyuCsSJbtjdyQVKR%2B%2FP2sRyCDDdlK3aMJa58e9XzxAxkDkX%2FeICxSzIcVw8dHKIZoO3SsXqUP7Au7tMDI%2FKBtB%2FmTEmlbNg3nd5s3iTaEJs429N88eKze0yXAM6O3E7mOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e593abba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3339

GET
H2 200 1593783858.png
assets-7pb.pages.dev/images/ 24 KB
24 KB 69ms
67ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/1593783858.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d895032e5054dbbec9957df2b61c4573f2efc9bd5b9090aa9322e46116ca1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "923d441f1d864c241195a9c91dc59fb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdf2WBIT7%2FLN2lhGaa0T8bueVReG%2BlrNcCPA8gpaOZycWx9liFUPQ5Qs9wHYIPsZduev7zVGm1EOnORngb2mqKawPFnVBvkOW7JH%2BDo3KlyKgGEPxfo7HHrCRYtNJZNLzp0zvm0yHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e593cbba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24251

GET
H2 200 icons-390.jpg
assets-7pb.pages.dev/images/ 17 KB
17 KB 79ms
78ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/icons-390.jpg

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae41056f6ff9aae78e8b96c3fe05c860a107c12f5a221e299fe450f06bee817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7841797d4eebd8513a612fd8e9719014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xveQFWI2WfuAqFeVD05E2VMQ8PpIJki9Ja6NiDoSj5XRSr%2BF%2BXwjMUR7WxivTzawlqZkBFhOiu8oH2%2BBig6%2Bf3miSKrcojVw8aH7bVUlu3%2F69JR7jouqSd3Jl%2FQ%2BDk%2BUW4IenX%2FcVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e593dbba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17159

GET
H2 200 badip.js Show response
tmp.isavetube.com/js/ 19 B
600 B 467ms
88ms Script
application/javascript 104.21.10.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmp.isavetube.com/js/badip.js?v=ghgh

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.10.176 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feec368d7002bdf65baaf0b7991b134836ed4c8fd9c98be129c16b924d1ff8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QONzfjm0d%2Bkl%2FgWrSbhXcjHWrovN99HZ%2FcNkPNYYE4Xxg7IqQ4AT3AFnDNE%2B0DY1NckrQXZ8e9WfxqAgAhWTMSPSNTENJrpAWaT9Td9EqezMUdrYDbc5hycpRuNEjspL4%2FaHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, public
cf-ray: 81380d9e5b86bbef-FRA
expires: 0

GET
H2 200 728b4eb28935252c.js Show response
js.mobileoffers-ep-download.com/ 58 KB
23 KB 401ms
21ms Script
application/javascript 172.67.141.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.mobileoffers-ep-download.com/728b4eb28935252c.js
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1605eddc19dc96b98d718417c9900a2e33f7aa76e19dfc8f060e72de61a1da28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Aug 2023 09:11:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5218
etag: W/"64ef07cb-e9de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WgOPZI8hPJzVU3viC%2BaNwjOiKUI7H7SJkpYrZb3wC9CW9FNDx7IeTunrabXjXVWJadzx1aPvH2E%2BR20WHW9pT0eghVXdpsy7rW93l6WNjlW6Zql3S1Gf1DhdkNFrWgD25MiVBwab9el5%2F4%2FneXz%2ByRu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81380d9e588a694f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 376ms
30ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

9bf92fc8082e4438703621ddb0bd82b825c1555fd2bf39f2320883d70ce8f342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 16:28:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 16:38:18 GMT

GET
H3 200 theme33.js Show response
assets.isavetube.com/jsss/ 4 KB
2 KB 41ms
38ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/theme33.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be8f2617295d90e6d3fc4c17c3f9dcb5e6c981a49b51de82cb7efb5e133a9c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6685
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ccc3aeb0210fb9d8c186b36a948c090e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WQMAe9dSe1X72TuX1Cw%2FFvSO0YuT3vLSnSAGUFzEyObC3ZqfBm1Tm9FKj2DpXKzBsaHrNbTOHp1pcQvnJMcN8i04aqtXKsu4S1Gy890fib%2Bs%2B6DMaQYjVipNOv1jeUj3m8GUM2fBHPVGdjLhWsqqiF8IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d1c9034-FRA
priority: u=3,i=?0

GET
H3 200 popper.min.js Show response
assets.isavetube.com/jsss/vendor/ 20 KB
8 KB 43ms
41ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/vendor/popper.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"61668bed492184008694622fa5f62437"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW2Ds1%2FiZnitBRyuU3xMwStG582FVpctpGTpquGv%2FDEblG29n6AscE3vwVcgqRCM9gu3uPLFbT1pPq%2B%2Fw2BfR8XVlfLj5nkd7ObAoneBbp9utS4ifS1rPH7ifm7t0G2Hv80NIQy9gfIQ%2Fdwj69cLzLraGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d1d9034-FRA
priority: u=3,i=?0

GET
H3 200 bootstrap.min.js Show response
assets.isavetube.com/jsss/ 50 KB
15 KB 46ms
44ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/bootstrap.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3821
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31c3f9ea0df3dd0d791098afa7b69631"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIMEoR8ri6G%2FaZgGLnVk%2FTlAm0eMCpPkNkRscQRT6z6D21cIzV5iYJiQ%2F%2BONorz048ZJZneSWkGTsGU1dALId41fgMBGfF5gYBmHxphs9WcoTpZrZoW2YxBfTufT8BawzRdLKhnyWivHrMbP%2FFMCRLq1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d1f9034-FRA
priority: u=3,i=?0

GET
H3 200 dropdown-hover.js Show response
assets.isavetube.com/jsss/ 7 KB
3 KB 42ms
37ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/dropdown-hover.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e4baa1e328e01775e3727a0de8bd09aff93fa57379e0b1764f7a31a7ed260a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4395
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4002fd43d28db4ce9bf1ba1009abf742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WKiY7RkZDHGIPb6KrflrBN9rhMVg6zPZY3WeaK6ha3BWsnjIZIzM0F3khhsf25QzFks9GGQBv1mRKejYoFFdjFRUT8LRFzgeCDe%2Bawt1YLxUHp8ezN9OpAqloqt1roFj1jNTn%2B%2BACwHi7R5pWHnX7vg6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d169034-FRA
priority: u=2,i=?0

GET
H3 200 jquery.nice-select.min.js Show response
assets.isavetube.com/jsss/ 3 KB
2 KB 56ms
54ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/jquery.nice-select.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"388111af81ecda6b7a92372f29cc1f6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8ngBK%2B7l8RIm2NmPCxmgv2paIf0fsUN4gczRbpDolRs15x4ElxgRZIojKlenApVKMC7q4WzmqArbkVnpOs3jQskOALhOeEyWHNcda75XfEOE2%2BBo%2FBocgDZimu5gOjiYOBf5Lfr5sopQO475nISQ9VdwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d219034-FRA
priority: u=3,i=?0

GET
H3 200 clipboard.min.js Show response
assets.isavetube.com/jsss/ 10 KB
4 KB 57ms
55ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/clipboard.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"608e7bed5ece4b4fcd19c6de48eaa222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7kSKKx09rjn4IWuE4CiYPjMh%2BJJc3Kzmg6y0Z4KY4kGIKA2wwWX4fHfC84pfvY%2BW1UfMKBeY3n4r1slqFfNKnrduZ2fJweVXIQrNLE6JwmPdNbsYj0Mjj8%2FreuVUWPMFp6lvcNKZlLYSpk9TTtVFABkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d229034-FRA
priority: u=3,i=?0

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ 42 KB
11 KB 391ms
28ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick.min.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19814678
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230045-FRA, cache-yyz4544-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdUaYoW0ZM2DV8Ao8uRRWAlaQ1EMif16ORAvOCfhpEgiewwJ%2Fs9iRvhgSpqvPVDAq8IdPTBd%2Fvfdwi%2FQlJOoroabSgn2cwrfctS5BrtsFH6kqa2%2BGxzQQa5r1%2BIPCRLw1tM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81380d9e48168fd4-FRA

GET
H3 200 app.js Show response
assets.isavetube.com/jsss/ 2 KB
1 KB 58ms
56ms Script
application/javascript 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/jsss/app.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f338c3dd6bdbeb02145e78871ab86e43fa0dfc4d5d4b343ecefaa26abdebe953

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2e2b292e55fdd6f5b5d7c9493bc4a8de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN1FVLUenoMTKPLRNx4%2F%2FKTFIOwKXxkE7nZJm6Iw%2BuJ5MLG3cEOjD53GwpqJN%2BKNPaQj8zMvzSbn01Xw1PEQw21yF%2BJ1jYBRx12zQeScKxy3c3aitwBCB%2FCHaDScK%2BRQjd4h6JwCbso1ScTLeqBh3TbdHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9c0d239034-FRA
priority: u=3,i=?0

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 389ms
51ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://dropgalaxy.com/
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81380d9e6ce8bb83-FRA

GET
H2 200 slick.css
assets.isavetube.com/styles/ 1 KB
765 B 46ms
35ms Stylesheet
text/css 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/slick.css

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.isavetube.com/styles/white.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7017
cf-polished: origSize=1776
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"d760ced64fb651ff2235b1d4a0c9ee99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgrL9TGuk5SWVLMt5ewpLUEW%2F1IRbzbKtRDMF%2BNrcDkmTHuCwWdQ8ekENOWr%2F5NsUJTneiGS9s1aqDZdWmWUbhZIRz3fnLVp4FRaJhwP8vu6NjPzK%2Ft53oKrc4SPAvR6k1aqwM0szfhiWJI4wyl5ZvvR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b9d959048-FRA

GET
H2 200 nice-select.css
assets.isavetube.com/styles/ 2 KB
1 KB 45ms
34ms Stylesheet
text/css 172.67.146.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/nice-select.css?v=1

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45eefab3bd1a5cb15b58d3e51fe3d6b6bd78c5f26102fb3bad6df456f6de37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.isavetube.com/styles/white.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3416
cf-polished: origSize=3273
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"3faf0e81f68c741aa314013dca165508"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxosTF3ZNHYqFdxfcCGtuPKvN8skY7acTLr5u02ytFS0%2F6JFh%2Bz7DXirxniA3sJ4%2FrJZrNFKBDW8qnOUwyHPnxpM9aKRwLYvUoQBbl%2FV4Vu2wLkRAJdg%2F2BL41lNYG1FYUR5HM6aHcMQX5PeAESdHaCtxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9b9d9a9048-FRA

GET
H2 200 truereachAdRender.js Show response
1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/ 27 KB
6 KB 417ms
19ms Script
application/javascript 195.181.170.19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/truereachAdRender.js
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.170.19 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 610407756.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 70122a0d99970ed002a3285721ea858dec3aae81eb795a698b706b70c762cf5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: gzip
x-cache-op: HIT
x-cache: HIT
x-77-cache: HIT
x-age: 27091
x-accel-date: 1696842408
x-77-nzt: AcO1qhE3Nzf/02kAAA
x-accel-expires: @1697879208
x-77-age: 27091
last-modified: Mon, 09 Oct 2023 09:06:01 GMT
server: CDN77-Turbo
etag: W/"6523c279-6be9"
x-77-nzt-ray: 4c156224f0bab7437b2c2465e4ea4801
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 438ms
90ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

4557e7da66711cbd611482efd5fa6705026f2d1edf8026900c2d53039526b0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29921
x-xss-protection: 0
server: cafe
etag: 323 / 19639 / m202310030101 / config-hash: 5566030157558447821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:38:19 GMT

GET
H3 200 fa-regular-400.woff2
assets.isavetube.com/styles/webfonts/ 98 KB
98 KB 104ms
34ms Font
font/woff2 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/webfonts/fa-regular-400.woff2

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6f6d662daf5cff3101520eef81c254b0419ea17cb8c0ae21acd6ab74eb74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.isavetube.com/styles/white.min.css
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 396
alt-svc: h3=":443"; ma=86400
content-length: 99900
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "56efac076528d446c4642cabde77b7dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rBWxenjX2vg2Y%2BU%2BSIRXAopSxaupjy9OG5%2BO3EX1HrnbEyN21sI8xWnxOHVBwDUyNm8wvMA%2BDxey3kwRxnxDTEY2hc4YsU98pq33Wp0apiOvvlOdFinKuyUCWglaAwC90A4774pAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c8a49bbbf-FRA
priority: u=0,i=?0

GET
H3 200 fa-solid-900.woff2
assets.isavetube.com/styles/webfonts/ 81 KB
82 KB 122ms
52ms Font
font/woff2 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/webfonts/fa-solid-900.woff2

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.isavetube.com/styles/white.min.css
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7018
alt-svc: h3=":443"; ma=86400
content-length: 83144
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "9965a2f45f9f489bd78a64cecd32acea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV1j6Tz%2BbY%2FPCVxErYpVgEgnOUzBvNDD0vM%2FN4vsQ3PdRVFGoDpDTCH1tBAT4SGiEZklj7FaSCFhGTN5TLgYzROnMNZnvYHCUPKbcnR94qnT2ewj9E%2Bcx9arJGNa%2F%2B%2FLNjcNbfkpUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c8a44bbbf-FRA
priority: u=0,i=?0

GET
H3 200 fa-light-300.woff2
assets.isavetube.com/styles/webfonts/ 104 KB
105 KB 203ms
134ms Font
font/woff2 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/webfonts/fa-light-300.woff2

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.isavetube.com/styles/white.min.css
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1539
alt-svc: h3=":443"; ma=86400
content-length: 106624
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d4c8eed57ca98d77eacd35fa53e003e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYPrg65NprI%2Fx9YtvXgW7choMEzlEQdpoxOYxJzulrMfKe%2Fj9Sc8SawrURnIrrsLhe9aq%2BpgSz9czxHK3yJWBzJxFMBA2PW7koYUUvBNE6FbcGDvSUequBuvju6Zfj1WtofjKxfKnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c8a4bbbbf-FRA
priority: u=0,i=?0

GET
H2 200 4L1BBUB8YW0 Show response
www.youtube.com/embed/ Frame 04A9 90 KB
39 KB 431ms
74ms Document
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

f6f135b6ceee6f42ab993747b78e90f9ed47b3cd96894b60679e90135d8fcdf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 icon_cross_g.png
assets.isavetube.com/images/ 3 KB
4 KB 44ms
43ms Image
image/png 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.isavetube.com/images/icon_cross_g.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fecc3914781961baacac2abff3843449e9c7ac7d3bb93392cd905fe50a0fbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1559
alt-svc: h3=":443"; ma=86400
content-length: 3247
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cd708aeb20b9dfb4f8095e28539c22fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgp4Y%2FkbVv6CMkducTR5iei8Vkse0qDtvZsEifrmSLgK%2FVjM8SRABdkz6O0uqivC1e4aHEDdwOCbWCL3QjJ6rhWn%2FDE7iJPYCLXyPWlVPbxrYPKCoy4GPuLAxIm%2BbAkRjJ39TfhXU6oayvWQWMOOc1kEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c2d549034-FRA
priority: u=3,i

GET
H3 200 icon_tick_g.png
assets.isavetube.com/images/ 3 KB
4 KB 51ms
51ms Image
image/png 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.isavetube.com/images/icon_tick_g.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0b0bb40bd4f5c073401e115bb1814de3169498e65676e2c6c7d70fbd582f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6677
alt-svc: h3=":443"; ma=86400
content-length: 3199
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "1e7adde0094bf697630f728c4f88ac35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQAlp7H%2B9pGLb1aiNOtT70%2BAGJca54moaSbNFGopRw%2F%2F%2F%2F1iKGFRL9%2FGIyKKwhtelT%2FQBsLAKZUeee4LNOnvBzQdRMHyBIWbfS9nbYdkJSnqvTd5IJIhjnsFaqRm2uHQMmdsnollbtI3kdZi9JCwErcysA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380d9c2d569034-FRA
priority: u=3,i

GET
H2 200 inr-upi.jpg
assets-7pb.pages.dev/images/ 41 KB
41 KB 69ms
64ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/inr-upi.jpg

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67938c0bee8f5f87a8b47f5b244edf20bedc6d1efce0d4d0f343cfd3af53cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "30a6b2c24133aefaa26ef7de2507049a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q45loQcjYXo54OzAGXaUKjz3Qn4YEnHPhrGRg5%2BBWqDbivN%2ByWASyPpPFkiH8p0HQ6NJ3XY7VXP8%2BFSAQ0pREx5BJ2trKRl4mhqlNLc9YKPR0tGwBvEOukGxObxg11ubdvbL0sgWxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8980bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41719

GET
H2 200 payuBanrding.png
assets-7pb.pages.dev/images/ 7 KB
7 KB 93ms
87ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/payuBanrding.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93388d13732c2f9b165a9b248a7cb5dadb8bd4200112eb65b4add94aef33f887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d772dbd40e6bfd144f5f4fde702a8492"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdCJlKszJg5IxSZ1R3uoiQd00f%2BeepVtSvmLnM7Ngd1eX612dEiX0VQnOuJC%2FsWbU%2BSRbD7h7yqhtc1jRcQQoAPCdNXJGVY7WOHxtfxlecgiLnQY1mtZag8qFerWtTPdkOFi3S7uOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8983bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6966

GET
H2 200 buy_btc.png
assets-7pb.pages.dev/images/ 12 KB
12 KB 88ms
82ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_btc.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c2afdd719180b3f0352e4457bf060b04ef78bd446441616d9f393bfe9f9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ab18755d8a315cab0d60b0c4112ae56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7huwvM%2BZLbEcri%2Bim9LlDybr8L6LQltQiet9Oc1joVORsdn8ZdC9KbjaUtj692kzD7TXuxly67PbqCLjjw4bHlsbK4juL27Osrn%2FYO1Mnr%2B2ZWwFpW4qqhcfsbIrpLZT975ZbRLoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8986bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12186

GET
H2 200 buy_bch.png
assets-7pb.pages.dev/images/ 5 KB
5 KB 57ms
52ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_bch.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a6f4bf24284685eb406d549abb091deee1552baeafa46639ca08bf63625d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4ab95a48b862609cd9a91eb24c2a53cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKxilo%2BFvD42RlBdc0g0vY1Lr7fsGw3CrZTCoVBxEcDQ5XhFRhw8mRwREwJNfRnC8FxxpMvsmhfmV8XzMaF3P3LRuAlOy2epySzAfaAsWBGUKcueK4QSltiaE%2FlmDmOgi5bBscO%2FrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8987bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5178

GET
H2 200 buy_ltc.png
assets-7pb.pages.dev/images/ 9 KB
9 KB 67ms
62ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_ltc.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8237c1024afc9b010ff81c2563a86c4a28d4c5486f9105aa2f06c4c5069e401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3831747fa3f9cf3ccab6058b944e02d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28MHlYzG50BJqja6ShaEEfnAfFLFitOYRd0q%2FvxEHL86vRPkuASY2e1N7b6VR%2BbcUzH9LvbXnrpWQCQllBCl%2BqKDGl3CI5SU1zTex6rRhl5M118NoEyESvIvcFc90eHueBbegkoYaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8989bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9409

GET
H2 200 buy_eth.png
assets-7pb.pages.dev/images/ 1 KB
2 KB 88ms
83ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_eth.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe6abeb48711f23656d32822f8b2aedf5283c1d545bd4bcb31db12bb67d9087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fad1fb6ddc3dab507ff2e91038e542c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MW05XtmjRHl9HAbX%2BBMBh9iUC%2FgdoTYHCxVSiGnd21HZ%2BwmXPAVYVHhumejy9VewVyvfPDx2o8XYN8Es8k0djFW0hYUI91wWF18m%2BiNH8P5cvhod549BN94ifuwrPdhzZAK%2FA09ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e898abba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1226

GET
H2 200 buy_cc1.png
assets-7pb.pages.dev/images/ 4 KB
5 KB 97ms
92ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_cc1.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faec35ffbb60f349f8961852f4c3f2ca495283c89fef601b685f44425244302e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dfb83b38780e6fd8031c5f7e1e902dbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxsv2P4H6t8e8tjJu4rXbkhpRmW1DDis3RmptvtoDOttOWA%2BWMHtbctH4mIh5%2FpBX4%2B9JX2Xi8qnMHmTufNst9rofv51Ddic6wDYt3nS2tvFtH%2F3uwYuoSfaJ%2FAjXPZQpHDPHL0jrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e898cbba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4352

GET
H2 200 buy_perfectmoney.png
assets-7pb.pages.dev/images/ 10 KB
10 KB 90ms
85ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_perfectmoney.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4f2a373ade00acb3b86dcbe4ce3aa230919d7fe7d4cec13fa0c4c61e3493af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9188d8ab087a1fa6fc26c615b287bb45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5MJbFRpxhStvextvijfSpYfodij%2BdhXvqy9YD2TIm%2FPBOyRPv0By5Xz7%2FrBKv5XJfyOgGE0AoXytyGmzWJbdhnX32WCnswYmBoUb02pDGfCIKN93cD5j496dbsW5diha8L7zZD5rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e898fbba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10280

GET
H2 200 buy_webmoney.gif
assets-7pb.pages.dev/images/ 3 KB
4 KB 83ms
79ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/buy_webmoney.gif

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d263b73bc8aa2c8febee7d5db0ecb0de3cc61d34730a11def32af99daacf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6a0fd592d4672c4b9123248cb245bc2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmrQ0Za%2B2PyIidofnl2CHGAfjhxVTL1NVPS0AlRzerYSpKkDJk2XIdCXks6WvBJQVVZe90QegxsxFBPb05XzmIrF4xGjIQsQGP%2BLYQ05WI8HTcQQwGuHCW604eSs%2BTU%2BYEpvzr8VsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8991bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3339

GET
H2 200 1593783858.png
assets-7pb.pages.dev/images/ 24 KB
24 KB 94ms
89ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/1593783858.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d895032e5054dbbec9957df2b61c4573f2efc9bd5b9090aa9322e46116ca1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "923d441f1d864c241195a9c91dc59fb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd%2B5zJ1DNanPHN5CJXn19kf6V0SraOQuocJJwvU9qxOW89ru1OUKkdg%2Fw%2BbEx4qoXq32QU1ZVQZE5Y%2FgVuT3ELodIJWaDTN%2BE8wuesqf2fmjQnKnxgTyZKlg%2FM%2FC2g%2BZZzouBiC17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e8992bba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24251

GET
H2 200 icons-390.jpg
assets-7pb.pages.dev/images/ 17 KB
17 KB 93ms
89ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-7pb.pages.dev/images/icons-390.jpg

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae41056f6ff9aae78e8b96c3fe05c860a107c12f5a221e299fe450f06bee817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7841797d4eebd8513a612fd8e9719014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHp6XIEtZkWWRdiZQrhT%2F5mA3WHZXKWqd5fAePVODM7rYCfEeuQzzKSK7fzn7g67lH2oJXtL3xXAjHW8CdMhnGO5MyBJ60MkxZdgcqNFlScAI82LLK%2BtKaNuJFODsTSFuAb6S4sMvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81380d9e99aabba7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17159

GET
H2 200 www-player.css
www.youtube.com/s/player/4a66ccde/ Frame 04A9 378 KB
48 KB 21ms
20ms Stylesheet
text/css 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48950
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 15:35:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 04A9 15 KB
16 KB 348ms
18ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 208270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 04A9 15 KB
15 KB 348ms
19ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 328304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame 04A9 54 KB
17 KB 25ms
14ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

08b13a5961fffca30fc0a549563aa898c554f5f9d3e6c381c398547f6b02b644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17035
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 08:58:36 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/ Frame 04A9 316 KB
95 KB 27ms
16ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96853
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 16:31:02 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame 04A9 2 MB
787 KB 39ms
28ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

1f1f4f1ba51ead3481418ac13fc4a1e511a2db55afc68869bcbe3384a1e59071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 805318
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 08:57:56 GMT

POST
H2 200 status Show response
mobileoffers-dq-download.com/ 20 B
741 B 105ms
56ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobileoffers-dq-download.com/status
Requested by: Host: js.mobileoffers-ep-download.com
URL: https://js.mobileoffers-ep-download.com/728b4eb28935252c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 09 Oct 2023 16:38:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlz8XpCbMdZ95Pw0KKpDt%2BhHLf3CwkYyblA6ADenyRgrDXuN0pT29rhX7EuyzUazPsTBMdgT8%2BbgebgqglvsXKDLysWBsYu546FgzXXZj1PHduhtlb80wSQIO12SBVxExS%2FIhyZFfdOO%2BjPY%2FlH3"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81380da24aeb9bec-FRA
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
38 KB 16ms
16ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:24:14 GMT
x-content-type-options: nosniff
age: 339245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:24:14 GMT

GET
H3 200 fa-brands-400.woff2
assets.isavetube.com/styles/webfonts/ 63 KB
63 KB 40ms
40ms Font
font/woff2 2606:4700:3030::6815:ab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.isavetube.com/styles/webfonts/fa-brands-400.woff2

Requested by

Host: assets.isavetube.com
URL: https://assets.isavetube.com/styles/white.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:ab0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.isavetube.com/styles/white.min.css
Origin: https://dropgalaxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1647
alt-svc: h3=":443"; ma=86400
content-length: 64224
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "883b6e2d175d910eb13affd9419bdd6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVoMKdMbaBwHpJAFA7JmRK%2BU%2FKnJqKnR8JcEb4UQXYT8t0MhQZhx0ybnl82iQNsbOlZTi1JSJxVtW%2F%2FC5znEt%2B1GplGSR9FsIBy2%2BNROaMpJ4unSSBMi7cFoO%2BWf4JTRaUHeItWMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 81380da22a9abbbf-FRA
priority: u=0,i=?0

GET
H2 200 pubAdsNew.json Show response
1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/ 32 KB
3 KB 382ms
26ms Fetch
application/json 195.181.170.19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/pubAdsNew.json?v=2023991840
Requested by: Host: 1437953666.rsc.cdn77.org
URL: https://1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/truereachAdRender.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.170.19 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 610407756.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 83e91ac3e0c1da4bd31ab633714f314c6c616a497b1c11c92c815f86e3628ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: gzip
x-cache-op: HIT
x-cache: HIT
x-77-cache: HIT
x-age: 12677
x-accel-date: 1696856822
x-77-nzt: AcO1qhE3Nzf/hTEAAA
x-accel-expires: @1697893622
x-77-age: 12677
last-modified: Mon, 09 Oct 2023 09:05:58 GMT
server: CDN77-Turbo
etag: W/"6523c276-7ff3"
x-77-nzt-ray: 4c15622461c314547b2c246501813f25
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 17ms
17ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 09:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25797
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Oct 2024 09:28:22 GMT

OPTIONS
H2 200 /
rd.mobileoffers-dww-download.com/ Frame 0
0 391ms
282ms Preflight
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.mobileoffers-dww-download.com/?a=489&file=Ad-Free%2CHighSpeed%20%26amp%3B%20More...&tr_id=dc153f08-1cd4-4ee1-8f18-8f870b90437f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://dropgalaxy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 81380da35eec2c02-FRA
content-encoding: br
content-type: application/json; charset=UTF-8
date: Mon, 09 Oct 2023 16:38:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 09 Oct 2023 16:38:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVW4AAdry17Z5Dxz9RKBOuxu2j5kw6OuvlG5N3OxqntqtWE1la2iw4uWQsuznAvDa1EWOX9EiWRHtFKFigymC2utT2m4nLiZXyNIH0D5hLQ7wo72m%2FyAmIPS0Zqmf9JDLyjZZAV1doRQtsXfIXKcAfxZCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 403 logoo.png
dropgalaxy.co/assets/img/ 0
0 372ms
17ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dropgalaxy.co/assets/img/logoo.png
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 items.php Show response
adoto.net/dashboard/display/ 62 KB
11 KB 509ms
167ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/display/items.php?4010&1636&300&250&4&0&0

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff8a413a693d09d2d5eab2659c5f83f058c1c7bdda89265c5aeb0ad4a10bf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 09 Oct 2023 16:38:19 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2oiImw3tqlBrt2dasADicJOsm6Sq%2BvmStsdApAEFu2D5v8RBE1%2FBKgXQ99X4uEdN51%2FkyTfu3MFO57rtFn5vWeCG0kRAhrzETC%2Fo2jimEfY1Vk5j3SfA%2BI8lzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81380da4cf8735fe-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 serve.js Show response
adoto.net/dashboard/display/ 98 KB
40 KB 366ms
25ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/display/serve.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba7a15e92ef49d9de9b604e15e556296ca547a5e5c489ff93fe39fbe722c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1417302
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 02 Jul 2022 16:40:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw%2FU%2Bu65cacvu6XRid2J33n7tB4qmFr%2FRwwREhq%2FFo4afGPNhT%2Bacf3vGJ5wutt8q5%2B62jnRJ%2Fvi8JNBPdbSawuBqKQmjDNBOQ7sqk%2F8o8kRKon891B5tA5T7WU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 81380da4cf8a35fe-FRA
expires: Mon, 23 Oct 2023 06:56:37 GMT

POST
H2 200 status Show response
mobileoffers-dq-download.com/ 20 B
316 B 69ms
68ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobileoffers-dq-download.com/status
Requested by: Host: js.mobileoffers-ep-download.com
URL: https://js.mobileoffers-ep-download.com/728b4eb28935252c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 09 Oct 2023 16:38:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cT%2Bvs3vKT8dn3UBWfvsZysMgvGVkV410gCVfjY772QkmZCamA8GC3RdODuXo6uzUpFrXgFgwTGupnsa9oVwi8hWfchk%2Bl5X8%2FWubpGnO68e0TMD1jmHtlBAVhuOcTfEc8I7wAxCzY3PcKSTwNiz"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81380da2ab639bec-FRA
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
rd.mobileoffers-dww-download.com/ 0
382 B 194ms
193ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.mobileoffers-dww-download.com/?a=489&file=Ad-Free%2CHighSpeed%20%26amp%3B%20More...&tr_id=dc153f08-1cd4-4ee1-8f18-8f870b90437f
Requested by: Host: js.mobileoffers-ep-download.com
URL: https://js.mobileoffers-ep-download.com/728b4eb28935252c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dropgalaxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 09 Oct 2023 16:38:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0qC166ZImh%2BZtJ%2BvKWZ4R%2FlVnc2j63jrKr5IiMrH15b2%2BLoXOro72BPUmyFnWs3aSIm5vFkF3x1WyOWDP4UAPyYCILATvrd8kbRtP%2F60AWJq5F9E9MDqlyKSjXl%2FDI2o1Lspv1bq%2F6mCVssjcYLCrCJ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81380da518fb2c02-FRA
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

main.js Show response
dropgalaxy.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame C0E0
Redirect Chain

https://dropgalaxy.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dropgalaxy.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

19ms
18ms

Script
application/javascript

2606:4700:3038::6815:eb9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dropgalaxy.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Server

2606:4700:3038::6815:eb9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696d3810d889570c925caeff4f93d6cefb360dc49c3a621be158157dd7608c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciNPqTVuyVTNMFXicXyEP4GAa2C8GJfvKMRZSXZSm9fjzfzyBExxEvdMRZ%2FfkxXc2eDc92YFvi413svTDuDD%2BgCqsCNXzliGQZ2FGzmIbU6R88RKs9dv5I772V08D%2F7c9zedg2%2FVuUJ5xTtxrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400, public
cf-ray: 81380da34b581997-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Mon, 09 Oct 2023 16:38:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfRnHxmT3yn4rW3OAKNq01vpUTGnaXW%2Bqr67W7h33R1Lcs0SRgR%2FRC8O5MZNe6NvSgSlu1KnUtYYAFzblZBA0qMxR6WzpFSf4AGJFEt6fMVH2a30OgOsYXzfZQd6x%2BYGbg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 81380da2fdd41976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 04A9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

18ms
18ms

XHR
application/json

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8a6013ad4debfd9940633a77b7ade77044f74497239d145c7371a76744d63bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Oct 2023 16:38:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 04A9 29 B
495 B 349ms
14ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:25:58 GMT
x-content-type-options: nosniff
age: 741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 16:40:58 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 58ms
8ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:26:36 GMT
content-encoding: gzip
age: 1257103
x-guploader-uploadid: ADPycds1PaeyFfIh12Mvi4MXbVkVTLNhbsRouTUUmujXZAvJqZo51mUizigwOb-lfTkl3U6iUvB6NMN1Ld9EFq6ZNL-vwwhia4AX
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 24 Sep 2024 03:26:36 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 563ms
62ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Oct 2023 16:38:20 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
833 B 26ms
23ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28619
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqu98DtAXyxLB7J1iIDG47IGhQKhaO%2FCVVfoeNjOAQF9tV%2B2%2FYlpx8hwxtFy%2FFyHtkJca7KgzvIPm52rH4oiq5LSMRzdy0Dpzby%2FKNdZLfmZhZbxyehV0YhUROEj8CIa0Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81380da3ef368fd4-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 137 KB
30 KB 573ms
28ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:57:30 GMT
server: cloudflare
x-amz-request-id: 85753XS463EA1579
age: 1652
etag: W/"cc596ad33b7bfdd4553b44192a81e29f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81380da74ebd1a6b-FRA
x-amz-id-2: wPkylvzmBsPFsmMk70pvNw9B1B6emnoQtSKFx5AfCs3bm1q+xfKWvXrsZn+LusZ1CCl+BkV5Ge8=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 48ms
10ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:40:33 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 50267
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: C7O0-uvo4ZKkbVnKkDfH7UDXYCtwHjsXS_HmTZJ21zBSaVhXEe0BMQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 79ms
30ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: b80f383fd80955c128bfa796495634f7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 736 B
395 B 1039ms
1037ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=162717810%3A22658273219%2Cdropgalaxy.com%2Cin_content&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=1&didk=3656045228&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499476&lmt=1696862299&adxs=632&adys=63&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY0YS3qrExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjRhLeqsTFIAFICCGQSGQoKcHViY2lkLm9yZxjRhLeqsTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0YS3qrExSABSAghkEhcKCHJ0YmhvdXNlGNGEt6qxMUgAUgIIZBIUCgVvcGVueBjQhLeqsTFIAFICCGQ.&dlt=1696869497709&idt=1730&adks=630216756&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2e9e90cffdd2ffbce7312574392093fd7d59b3054dc681f40c7701f5255833a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 638 B
304 B 758ms
756ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=162717810%3A22658273219%2Cdropgalaxy.com%2Cbefore_content&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=2&didk=557921294&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499486&lmt=1696862299&adxs=230&adys=261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1140x2231&msz=336x292&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY0YS3qrExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjRhLeqsTFIAFICCGQSGQoKcHViY2lkLm9yZxjRhLeqsTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0YS3qrExSABSAghkEhcKCHJ0YmhvdXNlGNGEt6qxMUgAUgIIZBIUCgVvcGVueBjQhLeqsTFIAFICCGQ.&dlt=1696869497709&idt=1730&adks=4260672100&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71193bb93b98f3051278ffbfad3a9d8f47b46bcfc923caa76b6924bf963e8765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 644 B
314 B 402ms
401ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=162717810%3A22658273219%2Cdropgalaxy.com%2Cafter_content&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=5&didk=1185067365&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499494&lmt=1696862299&adxs=260&adys=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1080x240&msz=1080x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY0YS3qrExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjRhLeqsTFIAFICCGQSGQoKcHViY2lkLm9yZxjRhLeqsTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0YS3qrExSABSAghkEhcKCHJ0YmhvdXNlGNGEt6qxMUgAUgIIZBIUCgVvcGVueBjQhLeqsTFIAFICCGQ.&dlt=1696869497709&idt=1730&adks=1472709235&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3022479f7d4c017a04d3acaf159ecf2a9b65d96faf5d70924e5d666975b89b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C82A 6 KB
3 KB 554ms
58ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:20 GMT
expires: Tue, 08 Oct 2024 16:38:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 524ms
57ms Preflight
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 09 Oct 2023 16:38:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 04A9 68 KB
31 KB 51ms
39ms XHR
application/json+protobuf 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

a91b225d728ab18fc3b032d4df5a1a56d2d7476750464b38f40bbc0a61ca7571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31964
x-xss-protection: 0

GET
H2 200 aEM3wyowRXOK6McamWb124rcQG3qi0dPiMX68DfHFCE.js Show response
www.google.com/js/th/ Frame 04A9 37 KB
15 KB 510ms
21ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/aEM3wyowRXOK6McamWb124rcQG3qi0dPiMX68DfHFCE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

684337c32a3045738ae8c71a9966f5db8adc406dea8b474f88c5faf037c71421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14687
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 05:16:19 GMT

GET
H2 200 sd2.jpg
i.ytimg.com/vi/4L1BBUB8YW0/ Frame 04A9 29 KB
29 KB 487ms
20ms Image
image/jpeg 172.217.18.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/4L1BBUB8YW0/sd2.jpg?sqp=-oaymwEoCIAFEOAD8quKqQMcGADwAQH4Ac4FgALQBYoCDAgAEAEYciAwKH8wDw==&rs=AOn4CLD9dHKME3asFuAZO-EFcYC6ghbiAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f22.1e100.net

Software

sffe /

Resource Hash

f71fe45c0cf9b011848c296485a706a5649175cd02c10d6ead2558714f7d397f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:11:15 GMT
x-content-type-options: nosniff
age: 5225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29461
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 09 Oct 2023 17:11:15 GMT

GET
DATA 200
OK truncated
/ Frame 04A9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKZZsxJOC4GrrxkpG-4jNMfAxZfJykOdNzCDi_VH=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 04A9 4 KB
4 KB 480ms
20ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKZZsxJOC4GrrxkpG-4jNMfAxZfJykOdNzCDi_VH=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

fife /

Resource Hash

6d9daa7b71eb439c04883b00ef419d6b7ea9dd0f3afaeed1485001b7c675331f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:43:29 GMT
x-content-type-options: nosniff
age: 3291
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3905
x-xss-protection: 0
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 10 Oct 2023 15:43:29 GMT

POST
H3 200 81380d8f48ed1976 Show response
dropgalaxy.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C0E0 0
576 B 44ms
42ms XHR
text/plain 2606:4700:3038::6815:eb9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dropgalaxy.com/cdn-cgi/challenge-platform/h/g/jsd/r/81380d8f48ed1976
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgRspEbDStVhMgnKkEL7W5RicEJukPdNF%2FHPVkyVlPRDE3x%2FkUuGu30%2FnAFDsO2vC2gk%2B6Pe8h6DeOKyk84tNksBapLQAtvHT53AaIH4Lp7teDUPgmGJhDlhtVWzBDWNbJqBUTsZL3glb%2FAaLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cf-ray: 81380da52e571997-FRA
alt-svc: h3=":443"; ma=86400
priority: u=1,i

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp&cc=1

85 B
195 B

146ms
145ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp&cc=1
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0f20e136a8085c3969ccea8fa9cacfccf71da54d5bcf3065d29a0bc074f5165e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-IemK59SiNXF7MOmxP+3G+nvsaOg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dropgalaxy.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 09 Oct 2023 16:38:19 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://dropgalaxy.com
location: /esp?url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
29 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 1437953666.rsc.cdn77.org
URL: https://1437953666.rsc.cdn77.org/publisher/8235c396-1489-11ed-a103-371449b6c804/truereachAdRender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b1801b0bf273f6a835011144142043c902656262e381c11584cc0591c0893d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29928
x-xss-protection: 0
server: cafe
etag: 497 / 19639 / m202310030101 / config-hash: 5566030157558447821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:38:19 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 475ms
474ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_Interstitial_&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x480%7C336x280&ifi=6&didk=555173567&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499755&lmt=1696862299&adxs=650&adys=475&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=1656169214&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b9dda0c4cdc0e03a6ee98ee60d7b727bb82910644f8c5356cc09bcffeff93a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11299
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 627 B
310 B 1634ms
1632ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_Sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C980x120%7C750x100%7C468x60&ifi=7&didk=2190460998&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=dropgalaxy.com&abxe=1&dt=1696869499757&adxs=315&adys=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2F&loc=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x-1&msz=970x-1&fws=512&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3522649946&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

829146548e3e500ade46c605ce055361f28e7eb71322d24f9bb1ff7f267d81eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 1082ms
1081ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=8&didk=4037781821&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=dropgalaxy.com&abxe=1&dt=1696869499760&adxs=0&adys=87&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2F&loc=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=120x600&msz=120x600&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=539385062&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa40e82200247a6674f62bc96d029fe3b02e077a6a6a62fda7a530a9c7fadbf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16346
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 829ms
828ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_160x600_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=9&didk=3109207601&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=dropgalaxy.com&abxe=1&dt=1696869499763&adxs=1480&adys=87&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2F&loc=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=120x600&msz=120x600&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=1098410920&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baf61ff1ad4dccaf0f64c0fd7a37efae7e6883f522aa1aafa13ae928017ff2c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16190
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 1417ms
1416ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_300X250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=10&didk=871568089&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=dropgalaxy.com&abxe=1&dt=1696869499766&adxs=315&adys=111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2F&loc=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=970x90&msz=970x90&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=1133290817&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee8121e2747cac89278f37f4add5fcd5e03c7233fc2fae6d22cc1962a43d0d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11217
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 626 B
309 B 559ms
558ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22081762831%3A22658273219%2CDropgalaxy_MTF_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=11&didk=670611966&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=dropgalaxy.com&abxe=1&dt=1696869499769&adxs=315&adys=341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2F&loc=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=970x90&msz=970x90&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=2249481413&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbf3d3336d4193c4621b247a3fd6502d29ef183b8082dc92c928385fdc1e6861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 423ms
53ms Script
text/javascript 104.20.9.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: adoto.net
URL: https://adoto.net/dashboard/display/serve.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.9.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 2302
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 81380da80bca695b-FRA
content-length: 4547

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 391ms
43ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adoto.net
URL: https://adoto.net/dashboard/display/serve.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 15:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2807
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 09 Oct 2023 17:51:33 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 302ms
45ms XHR
application/json 52.209.147.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: edcc9006a24ec98b38d2501a0816cd3883c4c0dcf8dff8f61a90ccf2c7e8bd0c

Request headers

Referer: https://dropgalaxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache
x-server: 10.45.28.151
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 index.php Show response
adoto.net/dashboard/display/ Frame F553 11 KB
3 KB 218ms
217ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service

Requested by

Host: adoto.net
URL: https://adoto.net/dashboard/display/items.php?4010&1636&300&250&4&0&0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0a5d442d4bfa9b08982b55a67e050fc7d9f29b5b89354e772e24dc8997884f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81380da6ea6235fe-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 16:38:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hscrWHuNTZTcSQyxcvy73KIWCXr%2F1ZCw6ugQLLZj01TFHImONHd0MHgFks8enNyXOjWVn%2BPIty0yqrWx%2BQoZVKHwvu3%2B8T32%2B3uk4jTJ8IxLPoLIIsRgO1zCNU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame BFCD 0
167 B 88ms
31ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 09 Oct 2023 16:38:20 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7D95 15 KB
6 KB 377ms
31ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 234697
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 304ms
15ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://dropgalaxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dropgalaxy.com
date: Mon, 09 Oct 2023 16:38:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 204 generate_204
www.youtube.com/ Frame 04A9 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?VJR7Eg
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 04A9 94 B
138 B 21ms
21ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c28f1d1a3b3c83fbb98858042da0f39b5909a39a7d59eec13ae43235a14a75ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 1E3D 223 KB
62 KB 379ms
21ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:22 GMT
age: 545578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 1E3D 15 KB
5 KB 398ms
41ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:44:02 GMT
age: 359658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:44:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 1E3D 94 KB
28 KB 394ms
38ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:07:53 GMT
age: 369027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:07:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 1E3D 5 KB
2 KB 396ms
40ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 15:20:34 GMT
age: 350266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 15:20:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 1E3D 40 KB
13 KB 399ms
42ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 07:07:22 GMT
age: 379858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 07:07:22 GMT

GET
DATA 200
OK truncated
/ Frame 1E3D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a093f69722436a270fc181f1bed4adcccc8832dae536e10927a24dbc0708b1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3899935330849654819
tpc.googlesyndication.com/daca_images/simgad/ Frame 1E3D 93 KB
93 KB 382ms
28ms Image
image/jpeg 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3899935330849654819

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

c0809981c731cd92678917075984c524be712ddb9372634b9cb91c24bafe4b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:04:10 GMT
x-content-type-options: nosniff
age: 153250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94930
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 00:15:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 22:04:10 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3D 2 KB
3 KB 415ms
62ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69543
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3D 295 B
424 B 381ms
28ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69543
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 366ms
104ms Script
text/html 54.39.128.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1696869500315&@k0&@l1&@mDropGalaxy%20-%20Free%20file%20upload%20service&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:72932922&@b3:1696869500&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562109.ip-54-39-128.net
Software: /
Resource Hash: e3c6dc8ba0d58a52aa3034acf2477db53a9149f2f1bbb97a0877513ca0bed139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 16:38:11 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 22ms
21ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1471486107&t=pageview&_s=1&dl=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&ul=en-us&de=UTF-8&dt=DropGalaxy%20-%20Free%20file%20upload%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1239203348&gjid=749127651&cid=959624182.1696869499&tid=UA-70132428-1&_gid=339406076.1696869500&_r=1&_slc=1&gtm=2ou9m0&z=406912334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5f074b56653f8bc86cd95bc2742b69e1397044b1d8005a85944191c4de9a0726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dropgalaxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dropgalaxy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 26ms
25ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 09 Oct 2023 16:38:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 jquery.min.js Show response
adoto.net/dashboard/display/js/ Frame F553 243 KB
74 KB 43ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/display/js/jquery.min.js

Requested by

Host: adoto.net
URL: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3caed62a1e0d87142db5c8c39d43a61cf0679700fdf6dffc6598f35242da762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2273028
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 11 Apr 2021 22:28:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8nHyR%2BFg9z8Js5B7FAcA%2Bhyy86ZTBVOkQFemnvCiL7yo6Y1NG112vJmuftjIhMNCzYWPkq7LxfW67hhZnF3c96UPzfhdnnFfEHgE7DFjAfGUAAhkOMn73ni6DV1OjKE9qVZUziMIKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 81380da99c33085b-FRA
expires: Fri, 13 Oct 2023 09:14:32 GMT

GET
H3 200 1-icon-1616283432.jpg
adoto.net/dashboard/upload/credit/ Frame F553 510 B
1 KB 26ms
26ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adoto.net/dashboard/upload/credit/1-icon-1616283432.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bafece3ffa322300ff62bc835e4283963fcacdc0702b4ef98589d8351d1a568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4865066
alt-svc: h3=":443"; ma=86400
content-length: 510
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 20 Sep 2021 21:50:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlBUOnw0n4dyqZodognG5GsYG5FSNWvArJjO9Q9za0TCUDwR53X8icI2Al3ybI8dhCixLy9xov7wA8GQq4fLYy%2F9%2Fl3zbKypFLewXlMLTiZ4mQdqr7FeDgt951NM0eSIUMGq6pmCUXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 81380da99c37085b-FRA
expires: Fri, 13 Oct 2023 09:13:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 408ms
54ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37X41MY0HW&l=dataLayer&cx=c

Requested by

Host: adoto.net
URL: https://adoto.net/dashboard/display/serve.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e0a9de4245fe9d474bd640f4145bcad9d81dd8bc183dabbd419dfd4e1908683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 16:38:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 387ms
35ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37X41MY0HW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a94ef16aa0d6f302acd8f996f93164be916cd5bff2f0ab2c8d5648f5e784892d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 16:38:20 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7D95 433 B
556 B 20ms
19ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=dropgalaxy.com&sn=ChromeSyncframe&so=0&topUrl=dropgalaxy.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e7010077d965ba073c73df3c43586f0892dfc4890c8d790260ae83d354f2364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1116358
expires: 0

GET
H2 200 container.html Show response
e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7335 6 KB
3 KB 12ms
11ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:20 GMT
expires: Tue, 08 Oct 2024 16:38:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5633 2 KB
3 KB 419ms
42ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec47e9af3031b19c9b83f2dd3558b6134878acb16320c911a6521d4cb6f1422

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81380dad6c233a6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7335 3 KB
1 KB 74ms
58ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 97E4 1 KB
1001 B 384ms
18ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Mon, 09 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7335 20 KB
9 KB 35ms
19ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7335 0
0 38ms
24ms Image
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOv1XD301fmjHybVB9eKqdMZiuUAB3DqOscl3VEONKbTfdUt1yZ-8d6oRDw90lbE0OxoLUk9TKWT3QNEWRci6D0RKlLw
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7335 24 KB
7 KB 36ms
21ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7335 187 KB
59 KB 401ms
35ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:38:21 GMT

GET
DATA 200
OK truncated
/ Frame 7335 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71eae1368a97e86e6741aafb47e74e8c71f4ff0b2ab76ddf39db101a71f4a6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

25ms
25ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Mon, 09 Oct 2023 16:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E3D 0
0 68ms
68ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr58jeywkZZT8MprigAeiyI-ICvuum45xy7n37uUN3MPp-ZwlEAEgrbr5fWCV4pCCoAegAaHU9eADyAECqQLBChpvu6mxPuACAKgDAcgDCKoEmwJP0HLt6UkZDBzNhZ7XT3ZJdSvrh9NCri4G-1DhAE17aDl9L94ULrB3TqbZ5DESQDVepkwvC5kuwhxqPhU43K5KUPljm0hCjklqUHkKGUd4SKgE5ehBHCFAlRfoumCupe3d02NWE2OvrISvsc_HujGBspm6Eie8dVvfy9sMmdF-zKBjJdowzl_svph_kjGclW6iNU8vtVB_5z7YpItr9w1nD2Hi3jJNIQjjmxMOOTV6g5UusR-0G-DTRRKmErb8tk13JKMMl_TzsfY9akMJk-jYKgXXVzGUfmhyajm3bxRwZP31f6OzvXp_tlKyHo6P98KVXuHtNxM_ZR8dtM12H9o230jwH-algM5_sUwSfrgMInkNG_2Uqy2BWH9fwASWhKiwugPgBAGIBerc3u8vkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8erih-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDEsTLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk4aHR0cHM6Ly93d3cudGVsZWdyYWZpYS5ldS9lbi9wcm9kdWN0cy9lbGVjdHJvbmljLXNpcmVucy-ACgPICwHiDRMI3ouRvrPpgQMVGjHgCh0i5AOh2BMC0BUBmBYBgBcBshceChwIABIUcHViLTQ1MDE1NDMxMDE1NDQzNTMY7tB2&sigh=AX2Iw8Zgh-E&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNPyzlmlSb9a7Ns-gbY_ojUokxbdVLrCY06LqmuX25kTbc2ib4ucUt_nvwjgNXzN3o-gRctcSQGAE&cbvp=2
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 container.html Show response
e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F20F 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:20 GMT
expires: Tue, 08 Oct 2024 16:38:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 35ms
34ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70132428-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37X41MY0HW&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac8685ec8f4c7cd7549906a414415d5c466d3a7e6182153e092a527e2cf38ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69009
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 16:03:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 16:38:20 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 32FC 2 KB
1 KB 114ms
66ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee565c9f3c48562b07677fef37b666515ed59c940ab400747f7c4443b4ccfc6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81380dad6c253a6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F20F 3 KB
1 KB 31ms
19ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4C8A 1 KB
677 B 49ms
18ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Mon, 09 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F20F 20 KB
8 KB 23ms
15ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F20F 0
0 41ms
35ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRARBqIC-esfLMzg1YAKRMbYhkVlGvVGDNIBc_d-TGn36lAiZkViBSfQkph9hgceR24tlCiwLUJjprybAkh4nNnTiP1Mw
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F20F 24 KB
6 KB 23ms
16ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F20F 187 KB
59 KB 108ms
77ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:38:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1471486107&t=pageview&_s=2&dl=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&ul=en-us&de=UTF-8&dt=DropGalaxy%20-%20Free%20file%20upload%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAUABAAAAACAAI~&jid=&gjid=&cid=959624182.1696869499&tid=UA-70132428-1&_gid=339406076.1696869500&gtm=457e3a40&jsscut=1&z=537676887

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 11:19:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19116
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 5633 115 KB
14 KB 36ms
33ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 283706
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFBKXow9kR3MAO4m3jhehY87poILaKi70vzn6YjLfZCtd5b0b%2Bf24RPX64%2FFH26zhDiu%2B8DofriaxpM6m50QpFubZQNHyGY%2BGTpSrQXnANChc9f12p0L0rKKfc4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 81380dadfcf33a6a-FRA
expires: Mon, 09 Oct 2023 17:38:21 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5633 25 KB
10 KB 44ms
24ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 518867
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX%2BJNZq6hiWwYA3wsxKvBQXVYwpT2F4Q5iqYPPN2eC6mExj61d4D91o8AS%2BTrcQdU4Mt%2FFBg%2BKe0qZ3q40z5d1nXKq89zGWSYV1eHuL0jTVhwBl7DNuJCW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81380dae1d123a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 16:30:24 GMT

GET
DATA 200
OK truncated
/ Frame F20F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f539b69d864e32369ecd8c67511372d972ff88baae42258c81767075cd540b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97E4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_cver=1&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vE...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=703b2528577f18e6&is_secure=true&networkId=14000&version=1&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_cver=1&google_push=AXcoOmS5gVRs...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI1PkHT0QGSQNpnBGZAAAAAAA&expiration=1696955901&google_cver=1&is_secure=true&google_gid=CAESEJTM1-TFxF-ODpVHH7mjd...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI1PkHT0QGSQNpnBGZAAAAAAA&expiration=1696955901&google_cver=1&is_secure=true&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vEbFKp1HBi029-ecPsveR9uYegMOwh3TrfCRP6VSZSAegQlCg

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI1PkHT0QGSQNpnBGZAAAAAAA&expiration=1696955901&google_cver=1&is_secure=true&google_gid=CAESEJTM1-TFxF-ODpVHH7mjdis&google_push=AXcoOmS5gVRs4nelJlQcCl4iE8eAd-37qDMlsujhZW6OFA5e3xnE-vEbFKp1HBi029-ecPsveR9uYegMOwh3TrfCRP6VSZSAegQlCg
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97E4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDjf0ReRCYMTQZyYd_sg694&google_push=AXcoOmSLKD35R9g4MSdf1jK3iH954vQfCHHMek3NBGJ8_ppHZY8WW2RJ3e...

170 B
188 B

30ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDjf0ReRCYMTQZyYd_sg694&google_push=AXcoOmSLKD35R9g4MSdf1jK3iH954vQfCHHMek3NBGJ8_ppHZY8WW2RJ3ec4HWnvUZflcXOssqalUVzyOmLzzQQBSVrXXOZJKrurWg

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230109-FRA
pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696869501.341845,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDjf0ReRCYMTQZyYd_sg694&google_push=AXcoOmSLKD35R9g4MSdf1jK3iH954vQfCHHMek3NBGJ8_ppHZY8WW2RJ3ec4HWnvUZflcXOssqalUVzyOmLzzQQBSVrXXOZJKrurWg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97E4
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE6a_IG4RXHzZP_OkZV9ql0&google_cver=1&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VXOMD5OUtpG_IfLBJb3&google_hm=sqRU-TbzRDCYvjZWbicZyPE

170 B
329 B

41ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VXOMD5OUtpG_IfLBJb3&google_hm=sqRU-TbzRDCYvjZWbicZyPE

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:20 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQdaksBQGRFL2448WFJvsL4I2o_2t3_1DVZgFBGASFTlsPomrqoeff7guv3hVpurKY8AxdzK8G63VXOMD5OUtpG_IfLBJb3&google_hm=sqRU-TbzRDCYvjZWbicZyPE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 97E4 0
172 B 142ms
64ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG6tTZqeGWczzru2SKv0rPI&google_cver=1&google_push=AXcoOmQNTkDwopI3NbQ4F4jUa7dBeJ-tdOIh2XCm_vfYkjRQvi0YgAwyak8rS9_8JG8Ty6QMhFKjji9lzqHCkeTmwMyBZ-pr0Rb8
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97E4
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ9Im...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YkUGvrxW01jBBlBMAg2I-4sShbzkJ1fmwNEXMg&google_push=AXcoOmQ9Im2hm7OWOZxufdWdiREDRuTDJnhiZ8MrBsgsgLTDzWf6UGh89_3mJrsmhnCnL6_WSOUAcWi6_Z8J...

170 B
232 B

42ms
25ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YkUGvrxW01jBBlBMAg2I-4sShbzkJ1fmwNEXMg&google_push=AXcoOmQ9Im2hm7OWOZxufdWdiREDRuTDJnhiZ8MrBsgsgLTDzWf6UGh89_3mJrsmhnCnL6_WSOUAcWi6_Z8J8A77r2NywP67s0I2ng

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:20 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YkUGvrxW01jBBlBMAg2I-4sShbzkJ1fmwNEXMg&google_push=AXcoOmQ9Im2hm7OWOZxufdWdiREDRuTDJnhiZ8MrBsgsgLTDzWf6UGh89_3mJrsmhnCnL6_WSOUAcWi6_Z8J8A77r2NywP67s0I2ng
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 920364
content-length: 0
expires: Mon, 09 Oct 2023 00:00:00 GMT

GET
H2 200 ebda
match.360yield.com/match/ Frame 97E4 43 B
199 B 193ms
33ms Image
image/gif 99.81.117.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEPvWRrfN2Owd4iHTNgHfjtg&google_cver=1&google_push=AXcoOmRGngeOzhccH_Jbj8FnKiiceBiqFMUfdrFQ7n1czjLkOtyo2aJuGhNi155JKEdV4G8d7gLkJGBzl0J0n73bx1HjWnhQ7lio
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.117.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 16:38:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 97E4
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKc1d2pc7DCU...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWFhN2VlZmQtY2U4OS00ZGMyLTkyYzEtYTI5MzkxYjFiNDZj&google_push=AXcoOmQ-6Fam3rNUxGFK3FxQVvfFFyJpI2G6LfuLtxB5NlDG9TaNtaUHYDB2wECvj5JWU...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

79ms
40ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Mon, 09 Oct 2023 16:38:21 GMT
pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 97E4 0
139 B 136ms
57ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlTCZmTg3ffO4LKW_aMkfOnQIFfK0rRinuoG8dY6cyFB0w_0oTORcaS7UHKOZVlVlEFqyTtQ

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 32FC 115 KB
14 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 283706
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyRqEehPLsYloXKp8xGP4SRkOikOJCy%2BaE3vVhB9m7xT8oXX64PsN2LRcdvJUlZ1R1ZnTgxS6oZtBDyOidrVS2LaqTwFDRjN1i%2BP4rBeCYm%2BHCXtiBoYyUZBCDf4lq23y2m%2F1DK%2BYpI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 81380dae7d7f1c40-FRA
expires: Mon, 09 Oct 2023 17:38:21 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 32FC 25 KB
10 KB 60ms
59ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 518877
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SePhFrF8HI7nUIPgAW6%2B97nfyfJbTueeQEUgEGvr8QqwlBeYaFfqMBcPCgGLmnbazfKm5ppugdy65ijSSBq2QAXuAnbjSmXGIFk2MHpDKfc1nJCnhYSw420l%2FiLARI1Xq%2BQYs5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81380dae7d811c40-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 16:30:24 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4C8A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzD...

43 B
420 B

263ms
202ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81380db22d3d4d40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3604
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJUZrFL5dbaQHAAy_WHv0Js&google_cver=1&google_push=AXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkC8hHowOkEHeBrxdv-_koXTXHU3gLCmI3mCdBCVTeaLJ5Y6GzIMWmO6WNGLDOItAK6vtY3uSSSOoZ0Bd2iM0kaHeRzDT6w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81380db0ba984d40-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4C8A
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELhY0X2lPAwoZFheLHEjfzM&google_cver=1&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TmIxadRQSbUgzbgMs-wbOw&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc-O6-TIaTka2I0w

170 B
232 B

43ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TmIxadRQSbUgzbgMs-wbOw&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc-O6-TIaTka2I0w

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Oct 2023 16:38:21 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TmIxadRQSbUgzbgMs-wbOw&google_push=AXcoOmRTXRw3-HBCA5RexKf_K_adsS6DlQNjfO89mWJz8xHcZ7hOE2RzgiNp92Rc3C9MDmao_O7_qlLoU5YjP3Nc-O6-TIaTka2I0w
x-host: tde-deliveryengine-production-868978d85-5fjgh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C8A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECB_Nsz1BhudQACOtrrvE9g&google_cver=1&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECB_Nsz1BhudQACOtrrvE9g&google_cver=1&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwOTg2MTI1MDYwNDk0NDA0&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt...

170 B
188 B

29ms
25ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwOTg2MTI1MDYwNDk0NDA0&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt9eNg_DwRGscT5Hv5dZ8V0Q

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwOTg2MTI1MDYwNDk0NDA0&google_push=AXcoOmSl5UtpVIQRjabrFgFgFUCIVD2j85nLae_iHM4_aRkz6Odd6NR_u_Il0L3ls3WJtO6qgb6arJmt9eNg_DwRGscT5Hv5dZ8V0Q
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4C8A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED8BZPQvUMZpmVAjqmOVgGo&google_cver=1&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNEFFVDMtMVMtRFFRRQ==&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2ksWZ_8QHj-zmaU9oHe1Us9g31-

170 B
232 B

46ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNEFFVDMtMVMtRFFRRQ==&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2ksWZ_8QHj-zmaU9oHe1Us9g31-

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KNEFFVDMtMVMtRFFRRQ==&google_push=AXcoOmSLJWeJFxKb-_NUnUg8cCaFNp-oTZQop9PSvOH4KBhXIu61auaF5KSQSOeaEucJ9UEPM2ksWZ_8QHj-zmaU9oHe1Us9g31-
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C8A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_hm=ZSQsfTbiEEBncNcIFtd0WAAADGoAAAIB&google_nid=index&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i...

170 B
188 B

37ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_hm=ZSQsfTbiEEBncNcIFtd0WAAADGoAAAIB&google_nid=index&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i9zNbrhkG1I2NwcQmCUMiuGn4CFIYRBQNwR71Yz705FSX-e1Oy9vsaLjqHVVEB8T

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXeNybs7c3UJBtmg2oYRNNXBZpbtcfJqwMoni2HVTfIByG6TeyDxz1y2pR1MFy9Rs%2B2529YmxUg2lmdKAL5wXEuaLYxYn0cCqiqoxUouFeOm0gMfCsFNzuQR5gdvcw%2FvFMtmsh6VQ5YHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJw6UOinAc_rzobuyROL9NY&google_hm=ZSQsfTbiEEBncNcIFtd0WAAADGoAAAIB&google_nid=index&google_push=AXcoOmTAgsqUIlbnGirnkS7FRwdN79T6Ozu7i9zNbrhkG1I2NwcQmCUMiuGn4CFIYRBQNwR71Yz705FSX-e1Oy9vsaLjqHVVEB8T
cache-control: no-cache
cf-ray: 81380dafce893605-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 4C8A 0
237 B 408ms
48ms Image
text/plain 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL3fsESd5mGeV6dTNgOCeyU&google_cver=1&google_push=AXcoOmSz0gRF88dGQCXseJdF6lGIFkKu5GffZfOEaUhtZ_Jod5LhGIAb8fHECbXQNTUU03l23CxcbQRGs9ytOvjbVIw403fFDTIlVg
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cache-control: no-cache, must-revalidate
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Et4JNgL8c0jIT5T42CCDYE--l5aLcd-PlU5M-eJt9tJwGdKSbyYnPQ==
x-cache: Miss from cloudfront

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4C8A
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=34c67ba6-8c64-47ad-bc75-67d422014280&google_cver=1&google_gid=CAESEC43mhU64QjHePZnXg7T6eU&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

28ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=34c67ba6-8c64-47ad-bc75-67d422014280&google_cver=1&google_gid=CAESEC43mhU64QjHePZnXg7T6eU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQJN8Ani0VW4jOdb8h8LIb8fp9oeH9BiCfgpUE0XcQCW8hQbJViVsI_PZpEeyyVEEYIez_DbTkE0LBSmdv16UWyp0NE6YfZiDU&gdpr=${GDPR}

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=34c67ba6-8c64-47ad-bc75-67d422014280&google_cver=1&google_gid=CAESEC43mhU64QjHePZnXg7T6eU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQJN8Ani0VW4jOdb8h8LIb8fp9oeH9BiCfgpUE0XcQCW8hQbJViVsI_PZpEeyyVEEYIez_DbTkE0LBSmdv16UWyp0NE6YfZiDU&gdpr=${GDPR}
date: Mon, 09 Oct 2023 16:38:21 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4C8A 0
49 B 112ms
58ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iu3XUZKAfno2cEP2eQv_3C1Sujwdsv5wULHfZnWkgYw47x0En21vzeEmZF4osdQaxNIZw5NQ

Requested by

Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 9595 223 KB
61 KB 29ms
19ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:22 GMT
age: 545579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 9595 15 KB
5 KB 32ms
22ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:44:02 GMT
age: 359659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:44:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 9595 94 KB
28 KB 38ms
28ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:07:53 GMT
age: 369028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:07:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 9595 5 KB
2 KB 50ms
40ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 15:20:34 GMT
age: 350267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 15:20:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 9595 40 KB
13 KB 51ms
42ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 07:07:22 GMT
age: 379859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 07:07:22 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9595 2 KB
2 KB 23ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69544
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9595 295 B
319 B 22ms
14ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69544
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
DATA 200
OK truncated
/ Frame 9595 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee3a52e8c23b8ceb88f2d496c12aa94031feed78dc007f1edfd89bbc1b8f1ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16760450159937224340
tpc.googlesyndication.com/daca_images/simgad/ Frame 9595 35 KB
35 KB 28ms
20ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16760450159937224340

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd9d80cfa4d48af35dbb0e88e8156740d094c545e3c253f869dad17b774c49e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 22:25:15 GMT
x-content-type-options: nosniff
age: 238386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35840
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 13:40:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 22:25:15 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5633 3 KB
3 KB 417ms
27ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1VwOvdrFdki1X%2BPgdXyonguoFG2Rx8Up9rzfrv01T%2BHR5rJ6DQEiAoIbrTNkwscE8EABLhpQx0dvFeho7P38MzIvFDAWMWanAKGW%2BOagDdevdavQDmstl6pSAXPTU%2FtBoJcQUTV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81380db22c2d1e62-FRA
expires: Mon, 09 Oct 2023 16:42:52 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6D91 2 KB
1 KB 54ms
22ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 855635
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81380db02fc21c40-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: Sat, 09 Sep 2023 00:14:58 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W7I%2FZOL%2BdxAYpeJpjuSZ6Qee%2F%2Fg%2FDzMqSU5d5mhBvYtsAhz%2F6XKUdK3sMDA1mAuDAC1F8O4lVH%2Byf6bl0etDhMpj8RVFvC30%2FLIEBGPnYej67hM7itWqpYshVX%2FcTGKdEi1NqI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 32FC 3 KB
4 KB 376ms
22ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE9zoqsQiCcd5fNHp8Vk8bVMdlLgIOoRrnhK10IFOaRiVyZKiHyB48FYRE4x%2BJSo896kCvqnnNKBBo4hzEH81ejPlZTc%2BRCgOG7PVYmmC5Vwbh%2FCPRPA9Wel77gIH%2B1LSbg4v11h"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81380db22c2e1e62-FRA
expires: Mon, 09 Oct 2023 16:42:52 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 708E 2 KB
1 KB 57ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 855635
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81380db04fda1c40-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: Sat, 09 Sep 2023 00:14:58 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPICvAQo%2FPBh%2BoyQvN%2FU5yy26sj7uer%2FBdvhYeVQQcYBqPCSn72SFGlK716dj%2B1ZJhTN%2FjDNU8rv7fv7ybGPhs7Uik4iAHSwg3jptYq0Bvc5pLH%2Fsdrz%2B1uEx%2FZt4Mvv9uQS1%2BU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9595
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

32ms
30ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Mon, 09 Oct 2023 16:38:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 16760450159937224340
tpc.googlesyndication.com/daca_images/simgad/ Frame 9595 35 KB
35 KB 24ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16760450159937224340

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd9d80cfa4d48af35dbb0e88e8156740d094c545e3c253f869dad17b774c49e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 22:25:15 GMT
x-content-type-options: nosniff
age: 238386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35840
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 13:40:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 22:25:15 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9595 2 KB
2 KB 33ms
19ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69544
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9595 295 B
319 B 33ms
20ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 69544
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 index.php Show response
adoto.net/dashboard/track/ Frame F553 0
422 B 265ms
264ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/track/index.php?page=click/data/1|327|0|1636|4010|1|2395|0|0/3694d2414f50976b59fc1c3e206a57a9/1696869511/RO/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=4010&pid=1636&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=350&page_data=df7cc2ddda60fd1d781976bba345618e&time=1696869499&deliver=dropgalaxy.com&search_keywords=DropGalaxy%2C%20DropGalaxy%2C%20best%20file%20hosting%20site%2C%20best%20file%20hosting%20file%20website%2C%20file%20upload%2Cshare%20files%2Cfree%20upload&page_referrer=aHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS9kcml2ZS9manZ0MDhidnU4Mng=&page_title=DropGalaxy%20-%20Free%20file%20upload%20service&meta_description=DropGalaxy%20-%20offers%20you%20free%20best%20file%20hosting%20platform%20to%20host%20your%20files%20for%20free.%20Best%20Free%20Filesharing%20Service
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46RysSHYKVdcMzUcqY7iyzp7WvCZdXVBPqgjoQ%2Bh7byv5UqAZ8S%2B5rgmVihNcUCjIeV9eRX4fk524ffa%2BtxIilnqvFGI6x%2FAXPR0mnT4U%2BHfkHCtoRjRn4s7nMvxDnPyrEHkPBXhwIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 81380db0bd16085b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9595 0
0 74ms
73ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsBfAfCwkZezMMsbngAfuvb9A-66bjnHju_fu5Q3cw-n5nCUQASCtuvl9YJXikIKgB6ABodT14APIAQKpAsEKGm-7qbE-4AIAqAMByAMIqgT3AU_Qqya-xMdQh-f5zn4dWAAxMjFj_pP1tS-O0Be5HfEf7hEj2u-3w_Rn_U2xoMKfC1vJXgQe1t98RkPLdwlHnJuzXOwSGT4mKJKU9bXmJR9Ki57nseUCAak9QQYXD-iox9ijE7kOZ2TA2n-_0PmryxhyHvLLljOPuLFA6qPWmYuRQulz8Bn06SnZv8imWxhFGzYl0f-k0yQ6_FT7IHehuuUBz5GJ5PA4G_MQsZLgM86UHOk4dVhTOmrXXxns8yGr5iQKrbctt7XxEsxF_QSztlOEyxN7BbHke5vwmAY_9NeDsYD1guV5pGFxdV9g4AWlIk61k9NBDTbABJaEqLC6A-AEAYgF6tze7y-SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHx6uKH6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKjzBtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCThodHRwczovL3d3dy50ZWxlZ3JhZmlhLmV1L2VuL3Byb2R1Y3RzL2VsZWN0cm9uaWMtc2lyZW5zL4AKA8gLAeINEwiolZG-s-mBAxXGM-AKHe7eDwjYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDUwMTU0MzEwMTU0NDM1Mxju0HY&sigh=jxwndjYyYQc&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNgqZkxbBzNqOp7c4LTjBpSeaMFGD2EZ1DinoHlOuh6jVb0NrGWXHLpBJL2VADey7favj-R-I_GAE&cbvp=2
Requested by: Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 86ms
57ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81380db12cdf37f6-FRA
content-length: 24
content-type: text/plain
date: Mon, 09 Oct 2023 16:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LK7rGcbyCx%2FweSJnzGX01q0S1%2FudxJH7vVf%2BVJr7vaVvBe3VffM9elEYX71uzBeMRB3eDHEKjeCcP7v6syjOQLyizPpcgQEnkNG%2FYIfCWju%2FblhNnP5tlLBlBj6wskQhg%2FybbM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-494z

POST
H3 200 rs Show response
ad4m.at/ Frame 5633 2 KB
2 KB 39ms
36ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f16fa7d6c9d912fe9bcc0de6c67748cec05284499df830c1d3c59c4e45014

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H05yeV6RqvBWm2DkLD26F1ut17WX9t5IHSfaPGhinP6GmXkiuLvT1v3qKtpWEXryFbxG%2B5RZcgst35l8%2FYdC4Aqr4V4%2F32IjEYokgi4KDAmrt%2BPOKBoNHPefbjQLwdA9Cussj54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81380db19d6237f6-FRA
x-backend-server: aa-reachservice-group-europe-west1-494z
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 32FC 2 KB
2 KB 40ms
37ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c05fb472c136bf7e1d3835459644fb0fe4352a76c3e3cf4aef0badcbc373a1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSZZX70bMHhjvaBCz2PgITWjLZBGkFw1f4noW3Ufxk%2BQnpTnjjSf8hZe7%2FAj3NH95qi4oZfXxIQSu2fvt1%2B4w9pE0DUGtmd1hr5VCPGSj3DAmsFHVlzmZlUycFozF67Jaz3cnPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81380db19d6337f6-FRA
x-backend-server: aa-reachservice-group-europe-west1-494z
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 86ms
59ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81380db12cdd37f6-FRA
content-length: 24
content-type: text/plain
date: Mon, 09 Oct 2023 16:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1SCnwi9rVdIHWOkVRxS6NsUssYzq8XlOfjCRkTMLXvPKHLh%2FXmaY70W%2F7%2FJJlcAzQETMBeOybXK0s56G0fjR8eCTuz5eQ%2B1X8rSVMOz%2B69nepya66fzO71wvheYLrB1GtFUW6g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h891

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FD48 9 KB
4 KB 74ms
72ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e47e8026f85a3c9cddb22ebaf3c71dded66bab845994395088de6dcd3f81957

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hbsayrdeggwf3yw5f2664bbmzf88a6xe8ae5cncg8w212bcs0gc7e208m4pt5wc5fa12xfncjd2myqz0hntvbxg1fxqn4stnep938hcbnchyr7q9320j1gm19tx6hbt46dt9p5dpsra888as7v9bmzxhnjm9we5ctjv4k5mxyrp0waq302ebkfr8xwxkg25cryx64kpv9t9er8yykcgyytk6mnf3zwtyr8j52egzpyh2t2syz9aj79xcf77z9j0fcsmspv330658pcns9x0x60dgp2wr31qtksesjx95245zfredzxxw7c5zsw0jfk5ejrd2ndcjjmbxzkc15fsczss2cnv8dq2sfqp1jh612v9hkajpmy2rx2jm0t3t656083yqam4tm1qdy8cehtg1mb1kh78efbnramkqavrw22f8c4td61mc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%26client%3Dca-pub-2585781838920458%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81380db1ea0c1c40-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5155 9 KB
4 KB 72ms
69ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9047c0db667ef771a585f978ec4a13975f324116bc37008c0c4c9dde61e496

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j11bwh0k3wajbjy7f53fh6kakrh2g0p8febwed1jvw1jr7t8q72yp92wsy2sjdt66dcvvjj371p6v37cgb4xnhtqz3w922y07s3sj7vw5hf7qe1f9558y1wsw81g89727kj1sxhwwgt9es63259pefqjjd0tj6pky92pj6vqt5qv64ph7pd3errf57bbgje4t3jbd3abxmxtt134dzhj5t0pt0v27k2vt9a2byj38ma4nzpwyzh4evbx08nz06xjv42pz5e8p9v11ay043prd5sv9yqq9gg2tpzkcps5rzhtd5c85mjpfpn935cme0zer50ds5sd1yh8q6e08b239f4fyqfstxt5nbrk8jjhngb7w0jzcc26dtvccm56h6wytyf0ffamkyc9b7g8vkjh3mabhax4ghrsn8765wsh31x7x1ve6y78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%26client%3Dca-pub-2585781838920458%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81380db1ea131c40-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:21 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 5155 115 KB
14 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 283706
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BLHXEhnI1pWLaxsd0z2dOi3vLqcDS8qdJB1luLVSFfZhYwM1BsJ%2FV4%2FfmsmF9vBPzqOrduuBtwmpBfwnwOwC9vIKYU1ykW1DyVBd88mUBynbDiHlnxjlKzDGLv0JNShDP4JFPpKjdU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 81380db26ab81c40-FRA
expires: Mon, 09 Oct 2023 17:38:21 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 5155 44 KB
44 KB 85ms
66ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1884284
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl%2FlOYBG%2FrELv%2FYK9h9dNaPiwmmlI1vH5MjPOAbdMjn2nVJA0tecWwIeiz0DHWfv3TxNdRHwhQsi0VYsrPtY7ME3FqTTRIrVRKW0AIpUd3gDjpV3WC%2BPkIRfsfe0ymxd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ade3a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 5155 699 KB
700 KB 94ms
81ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1107821
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii6f1ZdeYP2pmoQlDOVeJBULBf87uP9OHOdUeHfs5zqFPnrCN5QrROZrc1VLHl4eSHr7sJtlLS7A45R8CJXcns1pqtW%2BsaQDogYEF%2Fxt8tPUn8%2FCVqfiO94MoAydiEA4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae23a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 5155
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4274bf20-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

428ms
39ms

Image
text/html

104.19.175.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4274bf20-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0

Protocol

Server

104.19.175.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:22 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 81380db62edd1d9c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 09 Oct 2023 16:38:21 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4274bf20-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5155 74 KB
74 KB 117ms
104ms Image
image/png 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 876529
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCqAyJprHLESPn3mNhhz5B8ySb6f7hbzOT4wuW%2FM5uodTf3sYh9YGyGm6WGid8wUuJXjfboIGI4qQ8m1yH5hU1Uwx2xVpZEFteRdQJF%2BnCLBp%2ByUpcXmCFVZ6p%2BfjqdP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae03a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 5155 31 KB
31 KB 117ms
104ms Image
image/jpeg 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2649635
cf-polished: degrade=85, origSize=132437, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 31747
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5le7u5gpW4FdXmFroLYPv%2F1kuye7OFQ029AbiQO9ESuLP2pkJCNvMLyonE6ldhDNWHQGVl14noTbIu%2BhPdBAb3xTPGZ4CjfPQBKlU%2FsV1L4LWY1MZ5RkPCm%2BAy4ssdr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db29aef3a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 5155
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSakb-z6YEDFTaf_QcdiasNQQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

72ms
20ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 16:38:22 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962235X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 5155 13 KB
14 KB 66ms
53ms Image
image/png 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2154531
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSV7Zvx%2FrmS%2FeyXq1kr7a1Jx41FNoOIBtW1zhRx6v1HTmqxscZ0iFkbFT2dZ0Gmy7Mj5Lw%2FAlGy3og5QSDfyu%2FRaKkCLiGzHJmFIKj3wAd63yLUJBAkvUWGAZM2M9RiP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28adc3a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame 5155 27 KB
27 KB 116ms
104ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2470743
cf-polished: qual=85, origFmt=jpeg, origSize=123474
alt-svc: h3=":443"; ma=86400
content-length: 27302
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Jul 2023 13:35:21 GMT
server: cloudflare
etag: "b2c66965c0cae09bbfaa712aade417a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsUnE8rxmIeVKW5zNhG4LOT0PBnv2ZJzkcIDVhCsv2VY%2F7ndB%2BQI90Tdy%2F8%2BPs1WUaaqffrUnYVgN%2Bd8NbE2xT7KXESnEtitNa2%2FZ3%2FSCkuX2NAkGsCF4h4P4fIqLBDo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28add3a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 5155
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJifkb-z6YEDFWpU5Qod91YOxg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023100918382289528962233X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

86ms
25ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023100918382289528962233X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C167497&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=160&d=600&e=&g=b2f9aa26dad6ee46c5fbe9cb69477a44%2F10307457357489330583&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501690&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gkrv3dv9xaffe8yrkqnfp5ty2m57d1s1ztjgt4arp0yzg9a41x50h2hn5cc7enyzr1kb87x003x08pvz0mfred5vv0ckk3z77aks821rm8sz2gbbww22qapp3c16a93bc05s9va4h108zkdhr4k01ebmermd6aqdqy2qs3028rfscgengz6s5grzzrm09vbfk825gvhw6vsyhn87dzx1wzvax5nejzf98bkdy5tb8rwnhdvjsvstdzr537ad7atd2jkbzwegbpzf36jve1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM60GfCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE6AFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7Cluth2dJxOCN7L8gpTTNUltrupJ00EzirjAeJwpDeXoBmmhbHOn6Fq034AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gf4aXH_azL6M8jb1OamGzu1oAvg%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 16:38:22 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023100918382289528962233X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame FD48 115 KB
14 KB 44ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 283706
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FN7RPsRBALYABPJCMA8OU95evUQUqm6ZJO7BScdyLixr2P%2BeMbZjxRYIE66oQ%2FnwsH7mNYDpIdJXp3Eo3KLLz142u8IshbdRFg8w5E5P39tWvbaw3osLpw05gxNlH%2Bw1xLPmN7DUgw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 81380db27adc1c40-FRA
expires: Mon, 09 Oct 2023 17:38:21 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame FD48 44 KB
44 KB 71ms
55ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1884284
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6pqf%2FpArDMWxNRwBWBVsi0wsPE0UCxV5BWuxSApalhFAg6Gis4AvGDqirwde4tIQeP4r4pGRGAcZvtDKsNl%2FZoClAjrDV%2BoVmT7TgtM1wtEQ9laAsqOr6lDFcCVN552"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ad93a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame FD48 699 KB
701 KB 81ms
69ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1107821
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ3V57TyVgZsFgfoy3FPn%2Bm66ls%2FFrNQ2bvBo%2By2k5RTE2oo3bxbPfq9%2BGrh8FV2HRgidk6CxmmbeFGVCXk2Fhf%2FZM3bLYVn6f%2BZHePsMbPL3reGfZpqKHj3ba34b1lv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae43a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame FD48
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4270c780-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

0
313 B

470ms
49ms

Image
text/html

104.19.175.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4270c780-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0

Protocol

Server

104.19.175.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:22 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 81380db62eda1d9c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 09 Oct 2023 16:38:21 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1696869501_4270c780-66c2-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FD48 74 KB
74 KB 39ms
27ms Image
image/png 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 876529
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX8JObv5isqCSlZKQd08Sum7BXQlza4W%2BluOfij0L4qGxOxY%2B8p9BeCVXJbrZNWy%2FaMUaKeiiY9SfzL5CDJWWTzqnZgeXHyEJJ1J%2F92kC0qL%2FIckSCwtgH%2BHSBaelnGd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae13a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame FD48 31 KB
31 KB 55ms
44ms Image
image/jpeg 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2649635
cf-polished: degrade=85, origSize=132437, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 31747
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lne6RA9z8kFcxCEGdeMSaqJFzEN5JQrtVWnc%2FvvxVHWyBBHA3qN6kReucKY1S%2FY%2BtPJvelSV7HAVpuRSrO73yWEzQKZDNgbc4f7xZ1%2BxyuxdrJ0AtfCYsXXojc3XOMcx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae33a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame FD48
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMmfkb-z6YEDFULmEQgd9lcPAw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

92ms
42ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 16:38:22 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame FD48 13 KB
14 KB 116ms
105ms Image
image/png 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2154531
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upTYadqEXu0RQpX0a3lBfS7WZ00O0qO7tbjO9jX%2BahhK7RzDI2aBR97%2F6vrLaFkOobzH9mPJ6MD2%2F38CkDTGM96arEJsjkDJUbvkz5BmOCR5F39CFy6%2BYQ0FHzScuV3t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db29aed3a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H2 200 BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame FD48 27 KB
27 KB 59ms
48ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2470743
cf-polished: qual=85, origFmt=jpeg, origSize=123474
alt-svc: h3=":443"; ma=86400
content-length: 27302
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Jul 2023 13:35:21 GMT
server: cloudflare
etag: "b2c66965c0cae09bbfaa712aade417a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kA37aalHSnODNE57xiD5C4swWsltzjBlmYcibPKcxEZAganzbc3EFScHt95iV5Jyyy0PDTqw44HfTVIV%2FjfV6GwmQj45nSykBrjQjB5vYlh5R6eXGXOyu6uAzrrOl8E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81380db28ae53a6a-FRA
expires: Tue, 10 Oct 2023 16:38:21 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame FD48
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIekkb-z6YEDFdjTEQgdQ-YCSA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023100918382289528962231X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

94ms
33ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023100918382289528962231X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=8bf1be9f1f0390d89ace9cdcafc600bf%2F9810500293872539900&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1696869501688&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg044xkrq7mfrdenxaskpt8p84tfcc18p06008m6b813w3maaswgvmyqjtsewvrfa492azhr3076trbv8x7xx6c1tfhdybrnzjzq1kax5b05bfwtayt72sgcdthy4z5dvtjbkw5wsk0gb6k74d252t71xrrnwx0dj2kswgz2fn20f4y6q78g8dc8w1qfq5vwzwkpj9nh66px0r5wkp9v672wfyy6gt5p5dqj82b7e6mbfq5kk7f10y4tm3j20s9rax9bghnfwb6vw5f53q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKrwXfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTuAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_DzuQZl8jsf1-XBTY33WyLiK12kKHbAuFc-H6PstizWVo_S8wW86MXxI87gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fWYS32hqx3_ymj8utSgZpMFR6PA%2526client%253Dca-pub-2585781838920458%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 16:38:22 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023100918382289528962231X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1E3D 42 B
176 B 155ms
155ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvunUA7J3xdGeCKqZxDFm2IaIW7QmL8Loo8JsUajY6N4DM-X1vBbvkyjhDmm7dS78txwpWXFyqWL0eZ3qyDm43BinMAReng2eNebwkzGLJqqzg-0fx-EIzanbCojbi5dYZUPIFIb9hmEW2u-K0AcJq1b5kq45jXqB05ysrh1kY&sai=AMfl-YTipSU1cjxSdkm3xIF_blXzQq942n7rG_EovAru6VOhNOCYSiu92Z6etSSXNUNYijKgBdSLYn9ud8BuE7RSMkj_JGr6_2bZxNi-XAkgXCK7-evUmf_LiIXPwws&sig=Cg0ArKJSzB3iHcXpe8sdEAE&cid=CAQSOwDICaaNPyzlmlSb9a7Ns-gbY_ojUokxbdVLrCY06LqmuX25kTbc2ib4ucUt_nvwjgNXzN3o-gRctcSQGAE&id=ampim&o=640,360&d=320,480&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=533&tls=1533&g=100&h=100&tt=1533&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7335 42 B
64 B 153ms
125ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ8jEtAzMt10NzdK49pcgfGqQngeg6ezJFUHeyBw5asivWr2u4-UWc2GdO2lA2lW_wuKBrbI5djLxchyAgosyHOaoypxhAm0Qv_Hpt&sig=Cg0ArKJSzL-XxvW5CVQNEAE&id=lidar2&mcvt=1007&p=87,1480,687,1600&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1098410920&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696869500612&rpt=553&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 04A9 28 B
54 B 27ms
26ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Goog-Request-Time: 1696869502287
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4L1BBUB8YW0?mute=1&showinfo=0&controls=0
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtxNktQczNjQkxuTSj62JCpBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1696869499321&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C280%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 09 Oct 2023 16:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 09 Oct 2023 16:38:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F20F 42 B
64 B 124ms
123ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspWcvBV0hiqCIoraQyvLqXMLKhYF_ECB-V4Vsck-TjGSobo7Dd7GNXC0sOucEJRJVQNFoJWufx8v06w9eIwp12CFHJ3-BFjDRjV_Q9&sig=Cg0ArKJSzOH5_GYfWN4IEAE&id=lidar2&mcvt=1000&p=87,0,687,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=539385062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696869500864&rpt=401&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F20F 0
0 55ms
55ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-pk1fCwkZZTyIseKx_APtK6CqA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNTg1NzgxODM4OTIwNDU4yAEJqQLBChpvu6mxPuACAKgDAcgDAqoE5QFP0F0l4GFOsGvnO-alT8CKVDUyjz5TQ8ww8JJGiooyr4yhnJIyDR0Q9-JMeHvQAMysyufitMoVRZ0oclWtS4XKG8c5N1RL5UZDBbfcgByZFYKEU1lYfRpAgoE5ZI-ggi1GbsDea1tyUsGN3KQUTW-r1VBpW4spMmEMWZf5CFVFg2geWj5jXrCxWl6ZW1bdzw88IYbQFePvtI2gD_LsmwuwlCp7JcAiUViWhDpMGZntK2D44Gqybe0T5HsCV3T7ChmvpvWePWfNJDhoM-6EwKlSrpjZ2mL6c7Dcbpi77WQtgr2Hg6ky4AQBgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI1ODU3ODE4Mzg5MjA0NTgY7tB2&sigh=Zgf9OtxlgAY&uach_m=[UACH]&cid=CAQSOwDICaaNJAOqgvps724f7UBFg8B39YlPo4cnUOR3ohaNyq7zGiqfEXzymeUPn2rJBqDFUkjqhK1B88N7GAE&cbvp=2&vis=1
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F20F 0
103 B 380ms
21ms Image
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jgds4mg9fndfsymjrdk008a93kp16rstwc098cfktezttkng8fxr8sr1006mbqbcme5dt52wqyfct9s6wadcssa0gw51xt7qthqwhcybsaegcak599chhg65244253dpqb0av7yr5wbdxy18ar27vp74yyedqsskq43qybc4tkrz0wdrf4k474gt3vz37hmcpktn24f3axqt5c3q2cd9eea7jeb8bsav6zk5rnbn3sk8y62kfhh96xc9hensr4gdgjsqa7njmg28gw5z0y53g0jtxedsk3mhyd0w5e14m36rn4ve937qhg1nd7nhe5wd1x6dwy5np8fv40s9mgk8xjask2gcjph942dmxpnyd3sq7jshm8r9srara25q4at1rnt7hyktm&b=ZSQsfAAIuRQIEcVHAACXNJ3v35swezGAI_XAlQ&cbvp=2
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 16:38:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7335 0
0 54ms
53ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy3WMfCwkZbOaE9HIgAeUsoLYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI1ODU3ODE4Mzg5MjA0NTjIAQmpAsEKGm-7qbE-4AIAqAMByAMCqgTrAU_QSzS3uHXGAw3oHKNspKZhbYJEYCWLbjmcxBUzS8dw7VSl-hdedohmu12Si7DlJDnw17x5VBgnzK1kNY27qm6S0hbosotH-BGe4Ljiw652W7ZoL9uCZh0R5D9u7DK6SL4k9P6tqV9gYIDFeKrbkor0H9k8D6egfm0bW_biFZVn7LYhfWBIlzEVa44g8tH_iQ_mYO9xOMfQTcE2etcYK0ZJ-T1V-Ia-1KokCG-0kuzqD0lTraDmWfDJAvdNYivaUyPQa_Dz-wREYOzmUKUJysVhgWtw2WSwItvKlk_jn2GlJNRCSKPKJtkjqA3gBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjU4NTc4MTgzODkyMDQ1OBju0HY&sigh=v1m4bdrweYQ&uach_m=[UACH]&cid=CAQSPADICaaN9F00XKouZmdXSnzFXuPz0ocgRtnmZ5fMnEINaaN3GxXTRmwYCJWdeJVWnXGfNYPcSojF7bJKChgB&cbvp=2&vis=1
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7335 0
39 B 383ms
35ms Image
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gf65wff38yxj03ar4f5yh7npdwtqvy5tsn3expzz3xd7k2hngxebfbk2mygr7xwb829pydfyry0mggz9ay6mzdetx30w4t9chax5xwkf06vd39bhsmfgzkzz75b07thr1vgfjzf3rcpkjmvewt03rbad3680gxjp3paqcm6ezkydpkc9h0dgqqsnw8cqc6hdqa9xzh7mdvtwzpssk7bx4752gawpms6zhdfy3bzrnb3qp8cksc2k659evycxcd3sxfpghyb35dxgaeh6591f7hy65rmz404vyjns23drhs6b382h40zyxy4n1vqxxebznm9n8bce1dn7w6r8mh73x7vz10aymvwn49pjfg19gx70n34cjj9yb74v99h28mp7wancm4nhg&b=ZSQsfAAEzTMK4CRRAACZFGJB0SG8Ff74RmwTFg&cbvp=2
Requested by: Host: e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
URL: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 16:38:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9595 42 B
64 B 129ms
128ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLbePIkS1u8hMq3pE9xFx7d79kcahhXJW6Od_Vbk_YC9Gw_ta0CzDxVI6H-bOIAncIvYwU0moA0HNjFE3AjphPUkbrcdXSFTQ4Z6XVSVS02yruM4rdxLZOXFDEG1375bGYz8eI3p_r9pgQd_1EHOjS3axw5S9W_vtgf7UdRA4&sai=AMfl-YQLAusDA3R-QMoKqIP71flxcu0deht14Lif_73yYBTcZ785Gxw42XeySLt_exhuRaYGVfb2wEiknDMmDhX7MO3HRxU4DXAvUlDodj59o1-rF4q_xqpW8ETM3H4&sig=Cg0ArKJSzM_ljDemO4jEEAE&cid=CAQSOwDICaaNgqZkxbBzNqOp7c4LTjBpSeaMFGD2EZ1DinoHlOuh6jVb0NrGWXHLpBJL2VADey7favj-R-I_GAE&id=ampim&o=315,111&d=970,120&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=291&tls=1292&g=100&h=100&tt=1292&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1640813 Show response
ad.a-ads.com/ Frame C828 12 KB
5 KB 628ms
78ms Document
text/html 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1640813?size=728x90

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.137.20.4.46.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

939e89873aa800b691bc5ea42a36b610e55965e479d5ea6b70fa42eb19e8c115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 09 Oct 2023 16:38:23 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://dropgalaxy.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 1536089 Show response
ad.a-ads.com/ Frame 3B9B 12 KB
5 KB 606ms
75ms Document
text/html 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1536089?size=300x250

Requested by

Host: dropgalaxy.com
URL: https://dropgalaxy.com/drive/fjvt08bvu82x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.137.20.4.46.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

303c8e269233df20d6f2b490fbf5ae80591279d070647e13cccd388e2a4fbd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 09 Oct 2023 16:38:23 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://dropgalaxy.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
66ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f5d4491dba3f2107d65834cdbe05e337f0e730e7ecb4e457f0aed78e0c0ac51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12123
x-xss-protection: 0

POST
H3 204 rum Show response
dropgalaxy.com/cdn-cgi/ 0
140 B 29ms
29ms XHR
text/plain 2606:4700:3038::6815:eb9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dropgalaxy.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dropgalaxy.com/drive/fjvt08bvu82x
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Mon, 09 Oct 2023 16:38:22 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://dropgalaxy.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81380db94fa41997-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 165ms
164ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 16:38:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C947 13 KB
5 KB 12ms
12ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 11:52:49 GMT
expires: Tue, 08 Oct 2024 11:52:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B089 829 B
561 B 72ms
71ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e501eb634f50ba6235fad96c230713388acd39f007002d92fafbd49c0e57acf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gvk8aTdWCF_qBDJBXF5T5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Gvk8aTdWCF_qBDJBXF5T5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 16:38:23 GMT
expires: Mon, 09 Oct 2023 16:38:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393795/ Frame 3B9B 609 KB
610 KB 78ms
23ms Image
image/gif 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1536089?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:23 GMT
x-amz-version-id: FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
last-modified: Tue, 31 May 2022 13:40:41 GMT
server: nginx
x-amz-request-id: YV2036J4KZARZBM1
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: c9FPLGwUpC79PSzPXBDKD1BQiIbzrvh5b4/zulIVpJZcCJ+uU7+jk7O8KzR6J7pqxZeYDP5mD+o=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393804/ Frame C828 674 KB
676 KB 90ms
36ms Image
image/gif 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393804/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1640813?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:23 GMT
x-amz-version-id: QbiY4NoT4ulkvDSEPsy._qf5G5I0yZLz
last-modified: Tue, 31 May 2022 13:40:42 GMT
server: nginx
x-amz-request-id: MQ284DGW8ZQY61CW
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: hT4Evu9vw9nKs96CM3VOsusS2nTOOLsQqdL/0qDUD+OjbwGM90hRR9d6T371kVFW7b5tE1VefP4=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 3B9B 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C828 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame C947 37 KB
14 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 11:52:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B089 0
0 84ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=1173654890117727&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C947 0
10 B 9ms
9ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5NrIxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:38:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=1173654890117727&bg=!T0ylTAPNAAbjlzx0w5c7ADQBe5WfOOdEPowD443tAw4IEK8B6Nh-9whx-b1WIoN2o9K3iPIex7Rw1hKyrH9sQxzmvw6AAgAAAblSAAAADmgBB5kCzFWV38UBPPnqiNAY05tT7zQgjJdEYTU9PZDxPZVPa2Si87ZGxTCNzW_-RHhoh4rPPt5nCmcTAuWXK27NZH-XQtFb7NPFolFsaRyLOP0xtyf_jGB3w1iNBObbWRseCH1xyQA_L6mRs414bRCEvAH5ysmn38OI8I_7K8bV_IM2p0ELki3qQD8xCB475PtK5DO2iCEuc-0JNBnjzSf-IcLvgTxsJiVGNMe3stuyv86sORUyReT1od9oUQ9Z74H-MlaFnFP1k850ewYBQ3uASaVtxgawgkQlvbP8S4ct5Zp-Fv4pOJaVrhGbNP-eyqjLwBMBsOgtgVY_dlB63RVRRZdAUCbUhfCD0ylhlchLP-LwTRc9av0wtKqkQn7R2Jf9u2qaxvAD2z1nOHAav80gWM8oM-7lftg5zMlhYXfVzkjFYwfLMO9xvGD5dIChiQQp2bVWMqaIyiRUfhWcj7GieSc0PTsTU6pUzvy58AaTXhGW1sHUr5M1VRog0X0yYUWXiNjyP7aBZl-v2JNy6hmLGkzQBpa6fYcHJTPs7BOyUeZwsuI4e2iB43Kx3idpgsQN8vWPmSj-sHZrcwm9AhPAZwMmG4V1WCCPMa5q5m8lDpu-L2AANNI8Z6zSBsp_rQS_W-CopIfSqmpm1zY28nGTPR2ygaWsJ3z_UvMsBrkZc4Cjq6ANcLHuB8vkWOCN-VQqIVL8UimWJcDou7ETA_26SLTQi13ymlps6yV8Uyi6CipxrbD9bUhHe6nSTDOHY2zG1gG4IlAkiwyS3ieXNIL9cogJ4hMmi78t5jufO0KllX9AMsVZqLbVQsSl2R0mxkpsh2P4Q5BPye9zrwVtlO5ynggSaeaEe4Qa7YnfO340pER9vQxl7zLf4ynk0ABG9CJx_g9Uk783QQTQR1vak9cOMcp_bPjHNl1ZFW3tz9gZYk8ue2csB2RdpRjknT6NPQpz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 momagic-logo.png
1437953666.rsc.cdn77.org/ 4 KB
5 KB 38ms
33ms Image
image/png 195.181.170.19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1437953666.rsc.cdn77.org/momagic-logo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.170.19 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 610407756.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: b248d3e7d621ff7eef6eeaf2c678536fec3ddf20f9106471c5c613321545bfda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dropgalaxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 09 Oct 2023 16:38:24 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 32423
x-accel-date: 1696837081
content-length: 4457
x-77-nzt: AcO1qhE3Nzf/p34AAA
x-accel-expires: @1697873881
x-77-age: 32423
last-modified: Wed, 02 Aug 2023 07:25:29 GMT
server: CDN77-Turbo
etag: "64ca04e9-1169"
x-77-nzt-ray: 4c156224f0bab743802c24654deda42c
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes

GET /
rd.mobileoffers-dww-download.com/ 0
0

OPTIONS
H3 200 /
rd.mobileoffers-dww-download.com/ Frame 0
0 203ms
203ms Preflight
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.mobileoffers-dww-download.com/?a=489&file=Ad-Free%2CHighSpeed%20%26amp%3B%20More...&tr_id=dc153f08-1cd4-4ee1-8f18-8f870b90437f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://dropgalaxy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 81380de12a699bf8-FRA
content-encoding: br
content-type: application/json; charset=UTF-8
date: Mon, 09 Oct 2023 16:38:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 09 Oct 2023 16:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQSD0B3OOw4z3BH8mkUlK9VBneKhiDHh4jCWy5zGQNkhsgD6femXEJwHsls43VBaY0enSzYKcfs1CrdTwOvFCMdMDxuo1QNdLL%2BIBvOmGW%2BLTU8jVZgTaLF7SxUGNZH%2B335GnJeRGvzKAvHC%2FroGaFZ5jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659001236&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=3&didk=3207493850&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499489&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3075566294&frm=20

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659000853&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=3207081273&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499491&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3390604504&frm=20

Domain: rd.mobileoffers-dww-download.com
URL: https://rd.mobileoffers-dww-download.com/?a=489&file=Ad-Free%2CHighSpeed%20%26amp%3B%20More...&tr_id=dc153f08-1cd4-4ee1-8f18-8f870b90437f

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dropgalaxy.com/	1969-12-31 23:59:59	Name: lang Value: german
dropgalaxy.com/	1970-01-20 15:22:35	Name: lastidfile Value: fjvt08bvu82x
dropgalaxy.com/	1970-01-20 15:41:19	Name: aff Value: 708
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1HuDG--E0Yw
.youtube.com/	1970-01-20 19:40:21	Name: VISITOR_INFO1_LIVE Value: q6KPs3cBLnM
dropgalaxy.com/	1970-01-20 15:31:14	Name: 343a-a054cfcc Value: dc153f08-1cd4-4ee1-8f18-8f870b90437f
.dropgalaxy.com/	1970-01-21 00:06:45	Name: cf_clearance Value: toeMu47Yicsgk8.T_PqzwdzQuRMubAcvqU7dQzMSRx4-1696869499-0-1-da26fcbb.476783f3.97f36aec-0.2.1696869499
.openx.net/	1970-01-21 00:06:45	Name: i Value: 154d183b-448e-43da-85ae-de82ddeef488\|1696869499
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstCfa4531111 Value: 1696869500315
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstCla4531111 Value: 1696869500315
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstCmu4531111 Value: 1696869500315
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstPn4531111 Value: 1
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstPt4531111 Value: 1
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstCnv4531111 Value: 1
dropgalaxy.com/	1970-01-21 00:06:45	Name: HstCns4531111 Value: 1
.dropgalaxy.com/	1970-01-21 00:57:09	Name: _ga Value: GA1.2.959624182.1696869499
.dropgalaxy.com/	1970-01-20 15:22:35	Name: _gid Value: GA1.2.339406076.1696869500
.dropgalaxy.com/	1970-01-20 15:21:09	Name: _gat_gtag_UA_70132428_1 Value: 1
.criteo.com/	1970-01-21 00:42:45	Name: uid Value: bc7ed17f-98ad-4c8e-b419-737f228f37b8
.dropgalaxy.com/	1970-01-21 00:42:45	Name: cto_bundle Value: 4cC3oF9GeUVoUTBDWVJXc3RoTGlQc3FwMUpVaDBWaSUyQiUyQnZacG1hRXVMWVZQb25GRXlxM0NNeGtCeXFJZGhIY1J5Q1VFaFU3S2pqZ0llNjFUZXNsWm8lMkIlMkJzRWpUMjNJUTBCTktuaGhqd2VOUHpvZnNlRktHdUgxQW44SkluN2xva1hYazVQdU1VJTJCWlJYS3dhUWVzTnclMkZYNkpWbnclM0QlM0Q
.doubleclick.net/	1970-01-20 15:21:13	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-21 00:06:45	Name: cid_b2a454f936f3443098be36566e2719c8 Value: 1
.ctnsnet.com/	1970-01-21 00:06:45	Name: gid_CAESEE6a_IG4RXHzZP_OkZV9ql0 Value: 1
.teads.tv/	1970-01-21 00:05:19	Name: tt_viewer Value: eaa7eefd-ce89-4dc2-92c1-a29391b1b46c
.blismedia.com/	1970-01-21 00:06:49	Name: b Value: 65242C7D110203B518DAB40FBLIS
.travelaudience.com/	1970-01-21 00:52:50	Name: _tracker Value: %7B%22UUID%22%3A%224E623169-D450-49B5-20CD-B80CB3EC1B3B%22%7D
.casalemedia.com/	1970-01-21 00:06:45	Name: CMID Value: ZSQsfTbiEEBncNcIFtd0WAAA
.casalemedia.com/	1970-01-20 17:30:45	Name: CMPS Value: 3178
.casalemedia.com/	1970-01-20 17:30:45	Name: CMPRO Value: 3178
.csync.loopme.me/	1970-01-20 17:33:38	Name: viewer_token Value: 34c67ba6-8c64-47ad-bc75-67d422014280
.adform.net/	1970-01-20 16:05:47	Name: C Value: 1
.doubleclick.net/	1970-01-21 00:42:45	Name: IDE Value: AHWqTUmGmYyEQ1f2P6Wp1UPNzVR824WX6j7AVThr4qA5hYkZ1VNdbPgdVAiygKD3CDA
.dropgalaxy.com/	1970-01-21 00:42:45	Name: __gads Value: ID=bbafdd1b2ba130bd:T=1696869499:RT=1696869499:S=ALNI_MZZJYZOifplOM_qKOWJos6NBo6D4A
.dropgalaxy.com/	1970-01-21 00:42:45	Name: __gpi Value: UID=00000c932d1287d5:T=1696869499:RT=1696869499:S=ALNI_MZ2d-Z4LXjp-KbRk-WmyX7FnwsnFg
.adform.net/	1970-01-20 16:47:33	Name: uid Value: 210986125060494404
.everesttech.net/	1970-01-21 00:06:45	Name: everest_g_v2 Value: g_surferid~ZSQsfQATYFz5BQA4
.dotomi.com/	1970-01-20 15:21:09	Name: DotomiTest Value: 703b2528577f18e6
.tribalfusion.com/	1970-01-20 17:30:45	Name: ANON_ID Value: avntuJtMPmFUTgUpySVotgaRTSu6iHZasl7ypd5U5t7BM5ik3YqjWlfREPcHOXswGwUZddE3BIQo3EIXBEs95KxBlB
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.awin1.com/	1970-01-20 15:25:28	Name: awpv11354 Value: 412871\|1696869501\|4274bf20-66c2-11ee-8084-22395667df75
.doubleclick.net/	1970-01-20 19:40:21	Name: APC Value: AfxxVi6JU1BMGM9fN5RFgIp2LQYA_kXad7eWj3qE8kw_KJ0p2H0OPQ
www.conrad.de/	1970-01-20 15:25:28	Name: CEAffHA Value: YD
www.conrad.de/	1970-01-20 15:25:28	Name: HTLP_timestamp Value: 1696869502456
.www.conrad.de/	1970-01-20 15:21:11	Name: __cf_bm Value: eiFWtuHXjVHeXmu1q9jv2Z.q117SKLWYM_ulqj.mj70-1696869502-0-ATrrf4g9NHKjCuCh00yU/RwgjmQhickTAPAitWjQ6Oi1oOdoLMyeiU44EewDZ2n0SJXGJ3PX+qzb0IKyCVsIV+k=
.o2online.de/	1970-01-20 15:31:14	Name: nscQ485 Value: V
.blau.de/	1970-01-20 15:31:14	Name: nscQ486 Value: V
.blau.de/	1970-01-20 15:31:14	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5Njg2OTUwMnZsZWExZGUyMDIzMTAwOTE4MzgyMjg5NTI4OTYyMjMxWDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRqODN1RWZaZVNxeEoxdVlIRUgydDZ0UlJKVUtUelR4SmM5b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExNzY2Mw
.blau.de/	1970-01-20 15:31:14	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023100918382289528962231X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5Njg2OTUwMnZsZWExZGUyMDIzMTAwOTE4MzgyMjg5NTI4OTYyMjMxWDExNzY2M1YxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 15:31:14	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5Njg2OTUwMnZsZWExZGUyMDIzMTAwOTE4MzgyMjg5NTI4OTYyMjM3WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 15:31:14	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023100918382289528962237X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5Njg2OTUwMnZsZWExZGUyMDIzMTAwOTE4MzgyMjg5NTI4OTYyMjM3WDEyMDIxMVYxMjI2MTMyNzAyT

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dropgalaxy.com/drive/fjvt08bvu82x(Line 719) Message: Unrecognized feature: 'web-share'.
javascript	error	URL: https://dropgalaxy.com/drive/fjvt08bvu82x Message: Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659001236&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=3&didk=3207493850&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499489&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3075566294&frm=20' from origin 'https://dropgalaxy.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659001236&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=3&didk=3207493850&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499489&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3075566294&frm=20 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dropgalaxy.com/drive/fjvt08bvu82x Message: Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659000853&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=3207081273&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499491&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3390604504&frm=20' from origin 'https://dropgalaxy.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173654890117727&correlator=2734124376518631&eid=31078637&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22387492205%3A22658273219%2Cdropgalaxy.com.Banner0.1659000853&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=3207081273&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696869499491&lmt=1696862299&adxs=0&adys=2392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdropgalaxy.com%2Fdrive%2Ffjvt08bvu82x&vis=1&psz=1600x3306&msz=1600x0&fws=0&ohw=0&ga_vid=959624182.1696869499&ga_sid=1696869499&ga_hid=1471486107&ga_fc=false&dlt=1696869497709&idt=1730&adks=3390604504&frm=20 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://dropgalaxy.co/assets/img/logoo.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://adoto.net/dashboard/display/serve.js(Line 4) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://adoto.net/dashboard/display/serve.js(Line 27) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://adoto.net/dashboard/display/serve.js(Line 316) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1437953666.rsc.cdn77.org
a.tribalfusion.com
ad.a-ads.com
ad.doubleclick.net
ad4m.at
adoto.net
ads.travelaudience.com
as.ad4m.at
assets-7pb.pages.dev
assets.ad4m.at
assets.isavetube.com
bcp.crwdcntrl.net
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dropgalaxy.co
dropgalaxy.com
e3a2e675ea15b6e07b478b50d05de07c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
id5-sync.com
invstatic101.creativecdn.com
jnn-pa.googleapis.com
js.mobileoffers-ep-download.com
match.360yield.com
mobileoffers-dq-download.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rd.mobileoffers-dww-download.com
s.ad.smaato.net
s.tribalfusion.com
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.a-ads.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tags.crwdcntrl.net
tmp.isavetube.com
tpc.googlesyndication.com
tr.blismedia.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
yt3.ggpht.com
rd.mobileoffers-dww-download.com
securepubads.g.doubleclick.net
104.102.35.84
104.16.57.101
104.16.87.20
104.17.25.14
104.18.24.173
104.18.26.193
104.19.175.190
104.20.9.31
104.21.10.176
104.21.235.154
104.26.10.209
104.26.6.27
13.32.27.65
142.250.181.226
142.250.185.100
142.250.185.142
142.250.185.161
142.250.185.166
142.250.185.206
142.250.185.65
142.250.185.74
142.250.186.106
142.250.186.130
142.250.186.134
142.250.186.162
142.250.186.34
142.250.186.40
142.250.186.97
142.250.74.194
151.101.194.49
162.19.138.120
167.233.13.224
172.217.16.195
172.217.18.1
172.217.18.22
172.67.141.71
172.67.146.39
172.67.38.106
178.250.1.3
178.250.7.11
178.250.7.13
188.114.96.3
188.114.97.3
195.181.170.19
23.56.205.163
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3030::6815:ab0
2606:4700:3038::6815:eb9a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
2a06:98c1:3121::3
34.102.146.192
34.120.107.143
34.95.89.54
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.214.151.160
37.157.3.26
46.4.20.137
52.209.147.201
54.39.128.162
63.215.202.140
65.9.66.97
69.173.144.139
84.200.5.215
99.81.117.172
063f16fa7d6c9d912fe9bcc0de6c67748cec05284499df830c1d3c59c4e45014
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08b13a5961fffca30fc0a549563aa898c554f5f9d3e6c381c398547f6b02b644
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f20e136a8085c3969ccea8fa9cacfccf71da54d5bcf3065d29a0bc074f5165e
1605eddc19dc96b98d718417c9900a2e33f7aa76e19dfc8f060e72de61a1da28
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1bafece3ffa322300ff62bc835e4283963fcacdc0702b4ef98589d8351d1a568
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ee565c9f3c48562b07677fef37b666515ed59c940ab400747f7c4443b4ccfc6
1f1f4f1ba51ead3481418ac13fc4a1e511a2db55afc68869bcbe3384a1e59071
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
22a6f4bf24284685eb406d549abb091deee1552baeafa46639ca08bf63625d0e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2ec47e9af3031b19c9b83f2dd3558b6134878acb16320c911a6521d4cb6f1422
2ee3a52e8c23b8ceb88f2d496c12aa94031feed78dc007f1edfd89bbc1b8f1ca
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3022479f7d4c017a04d3acaf159ecf2a9b65d96faf5d70924e5d666975b89b08
303c8e269233df20d6f2b490fbf5ae80591279d070647e13cccd388e2a4fbd3f
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3508a79c8ace34cd4829da2705c3be120405d7e5fca0b6b7438a61c67718780c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e47e8026f85a3c9cddb22ebaf3c71dded66bab845994395088de6dcd3f81957
4557e7da66711cbd611482efd5fa6705026f2d1edf8026900c2d53039526b0e5
45eefab3bd1a5cb15b58d3e51fe3d6b6bd78c5f26102fb3bad6df456f6de37eb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600
4e0b0bb40bd4f5c073401e115bb1814de3169498e65676e2c6c7d70fbd582f41
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f074b56653f8bc86cd95bc2742b69e1397044b1d8005a85944191c4de9a0726
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684337c32a3045738ae8c71a9966f5db8adc406dea8b474f88c5faf037c71421
696d3810d889570c925caeff4f93d6cefb360dc49c3a621be158157dd7608c65
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6b1801b0bf273f6a835011144142043c902656262e381c11584cc0591c0893d2
6d9daa7b71eb439c04883b00ef419d6b7ea9dd0f3afaeed1485001b7c675331f
6e7010077d965ba073c73df3c43586f0892dfc4890c8d790260ae83d354f2364
70122a0d99970ed002a3285721ea858dec3aae81eb795a698b706b70c762cf5e
71193bb93b98f3051278ffbfad3a9d8f47b46bcfc923caa76b6924bf963e8765
71eae1368a97e86e6741aafb47e74e8c71f4ff0b2ab76ddf39db101a71f4a6d0
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7b9dda0c4cdc0e03a6ee98ee60d7b727bb82910644f8c5356cc09bcffeff93a7
7e501eb634f50ba6235fad96c230713388acd39f007002d92fafbd49c0e57acf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe6f6d662daf5cff3101520eef81c254b0419ea17cb8c0ae21acd6ab74eb74b
7fecc3914781961baacac2abff3843449e9c7ac7d3bb93392cd905fe50a0fbc8
829146548e3e500ade46c605ce055361f28e7eb71322d24f9bb1ff7f267d81eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e91ac3e0c1da4bd31ab633714f314c6c616a497b1c11c92c815f86e3628ad8
87c2afdd719180b3f0352e4457bf060b04ef78bd446441616d9f393bfe9f9a64
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8a6013ad4debfd9940633a77b7ade77044f74497239d145c7371a76744d63bbc
8d4f2a373ade00acb3b86dcbe4ce3aa230919d7fe7d4cec13fa0c4c61e3493af
8e0a9de4245fe9d474bd640f4145bcad9d81dd8bc183dabbd419dfd4e1908683
8f5d4491dba3f2107d65834cdbe05e337f0e730e7ecb4e457f0aed78e0c0ac51
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
93388d13732c2f9b165a9b248a7cb5dadb8bd4200112eb65b4add94aef33f887
939e89873aa800b691bc5ea42a36b610e55965e479d5ea6b70fa42eb19e8c115
97b7a5b32d752b0507d1d7a731b6773743d7352c61bb108dfc5b926f282b3426
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ba7a15e92ef49d9de9b604e15e556296ca547a5e5c489ff93fe39fbe722c179
9bf92fc8082e4438703621ddb0bd82b825c1555fd2bf39f2320883d70ce8f342
9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979
a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523
a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f
a093f69722436a270fc181f1bed4adcccc8832dae536e10927a24dbc0708b1f2
a3caed62a1e0d87142db5c8c39d43a61cf0679700fdf6dffc6598f35242da762
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a91b225d728ab18fc3b032d4df5a1a56d2d7476750464b38f40bbc0a61ca7571
a94ef16aa0d6f302acd8f996f93164be916cd5bff2f0ab2c8d5648f5e784892d
aa40e82200247a6674f62bc96d029fe3b02e077a6a6a62fda7a530a9c7fadbf1
ac8685ec8f4c7cd7549906a414415d5c466d3a7e6182153e092a527e2cf38ba6
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b248d3e7d621ff7eef6eeaf2c678536fec3ddf20f9106471c5c613321545bfda
b31a993713f10296a31c32b2e799298cb959ec222c77b85c267343b5eab60587
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
baf61ff1ad4dccaf0f64c0fd7a37efae7e6883f522aa1aafa13ae928017ff2c9
bbf3d3336d4193c4621b247a3fd6502d29ef183b8082dc92c928385fdc1e6861
be8f2617295d90e6d3fc4c17c3f9dcb5e6c981a49b51de82cb7efb5e133a9c05
c0809981c731cd92678917075984c524be712ddb9372634b9cb91c24bafe4b41
c0d263b73bc8aa2c8febee7d5db0ecb0de3cc61d34730a11def32af99daacf56
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c28f1d1a3b3c83fbb98858042da0f39b5909a39a7d59eec13ae43235a14a75ad
c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a
c80e6b132b064f69a38b6f9738a70467e3495fac04f2d314d35fe78289630823
c8237c1024afc9b010ff81c2563a86c4a28d4c5486f9105aa2f06c4c5069e401
cae41056f6ff9aae78e8b96c3fe05c860a107c12f5a221e299fe450f06bee817
ce0a5d442d4bfa9b08982b55a67e050fc7d9f29b5b89354e772e24dc8997884f
d2e9e90cffdd2ffbce7312574392093fd7d59b3054dc681f40c7701f5255833a
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
daeece32317d302c7fb5847ef4d7a98129e192a1cdd102fd688056643ece3cdf
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd9d80cfa4d48af35dbb0e88e8156740d094c545e3c253f869dad17b774c49e6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe6abeb48711f23656d32822f8b2aedf5283c1d545bd4bcb31db12bb67d9087
e1f539b69d864e32369ecd8c67511372d972ff88baae42258c81767075cd540b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c6dc8ba0d58a52aa3034acf2477db53a9149f2f1bbb97a0877513ca0bed139
e4932dcaa92cc7a166c55691c1196583f4e462d7f238c437c867f83ea3245d66
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c05fb472c136bf7e1d3835459644fb0fe4352a76c3e3cf4aef0badcbc373a1
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f
edcc9006a24ec98b38d2501a0816cd3883c4c0dcf8dff8f61a90ccf2c7e8bd0c
ee8121e2747cac89278f37f4add5fcd5e03c7233fc2fae6d22cc1962a43d0d96
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff8a413a693d09d2d5eab2659c5f83f058c1c7bdda89265c5aeb0ad4a10bf2f
f0e4baa1e328e01775e3727a0de8bd09aff93fa57379e0b1764f7a31a7ed260a
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f338c3dd6bdbeb02145e78871ab86e43fa0dfc4d5d4b343ecefaa26abdebe953
f67938c0bee8f5f87a8b47f5b244edf20bedc6d1efce0d4d0f343cfd3af53cb7
f6f135b6ceee6f42ab993747b78e90f9ed47b3cd96894b60679e90135d8fcdf2
f71fe45c0cf9b011848c296485a706a5649175cd02c10d6ead2558714f7d397f
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f7d895032e5054dbbec9957df2b61c4573f2efc9bd5b9090aa9322e46116ca1f
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
faec35ffbb60f349f8961852f4c3f2ca495283c89fef601b685f44425244302e
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
feec368d7002bdf65baaf0b7991b134836ed4c8fd9c98be129c16b924d1ff8e1
ff9047c0db667ef771a585f978ec4a13975f324116bc37008c0c4c9dde61e496
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

dropgalaxy.com Open in urlscan Pro 104.21.235.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

236 Requests

89 %HTTPS

18 %IPv6

54 Domains

72 Subdomains

66 IPs

8 Countries

6482 kBTransfer

12274 kBSize

50 Cookies

6 Outgoing links

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dropgalaxy.com Open in urlscan Pro
104.21.235.154 Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

89 %
HTTPS

18 %
IPv6

54
Domains

72
Subdomains

66
IPs

8
Countries

6482 kB
Transfer

12274 kB
Size

50
Cookies

236 HTTP transactions
7 data transactions