urlscan.io logo urlscan.io
SecurityTrails logo

ufile.io Open in urlscan Pro
2606:4700:3036::ac43:9b51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ufile.io/
Effective URL: https://ufile.io/
Submission: On August 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 9 countries across 39 domains to perform 190 HTTP transactions. The main IP is 2606:4700:3036::ac43:9b51, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufile.io. The Cisco Umbrella rank of the primary domain is 249471.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.
This is the only time ufile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 2606:4700:303... 13335 (CLOUDFLAR...)
9 142.250.186.98 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.51.9.184 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.89.208.11 29990 (ASN-APPNEX)
1 213.19.147.42 3356 (LEVEL3)
1 72.251.249.9 32475 (SINGLEHOP...)
2 5 37.252.172.123 29990 (ASN-APPNEX)
1 3.127.153.214 16509 (AMAZON-02)
1 52.58.39.129 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
3 2602:803:c003... 26667 (RUBICONPR...)
6 52.4.33.45 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.69.48 16625 (AKAMAI-AS)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
25 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 15169 (GOOGLE)
1 34.208.243.53 16509 (AMAZON-02)
1 18.116.102.143 16509 (AMAZON-02)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
4 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
7 20 142.250.185.66 15169 (GOOGLE)
4 8 104.18.18.126 13335 (CLOUDFLAR...)
2 213.254.244.112 3257 (GTT-BACKB...)
1 35.244.159.8 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 54.154.5.146 16509 (AMAZON-02)
3 3 3.126.140.73 16509 (AMAZON-02)
2 2 54.247.130.124 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
2 2 3.126.56.137 16509 (AMAZON-02)
1 142.250.185.198 15169 (GOOGLE)
4 142.250.185.98 15169 (GOOGLE)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 1 104.18.19.126 13335 (CLOUDFLAR...)
3 3 213.19.147.45 26120 (RHYTHMONE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 82.113.101.132 6805 (TDDE-ASN1)
190 49
22    2606:4700:3036::ac43:9b51 (United States)

ASN13335 (CLOUDFLARENET, US)
ufile.io
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
4    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
1    184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    213.19.147.42 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    3.127.153.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-153-214.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    52.58.39.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-39-129.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2.18.69.48 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-48.deploy.static.akamaitechnologies.com
at.teads.tv
1    2a02:26f0:11a:398::26e5 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
6    2606:4700::6812:1d5b (United States)

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
25    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
22    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
id.sharedid.org
1    18.116.102.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-102-143.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    2a02:26f0:ea:4a7::4469 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
5    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
20    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
8    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    213.254.244.112 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
rtb0.doubleverify.com
tps.doubleverify.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
9    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    54.154.5.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
3    3.126.140.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.247.130.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-130-124.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2a05:d018:d29:3605:c111:9aee:7bd3:6707 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
302 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 206
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
313 KB
22 ufile.io
ufile.io — Cisco Umbrella Rank: 249471
351 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
308 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
8 KB
9 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
2 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
9 KB
6 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 471
rtb0.doubleverify.com — Cisco Umbrella Rank: 666
tps.doubleverify.com — Cisco Umbrella Rank: 475
130 KB
6 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 20712
143 KB
6 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1730
ib.adnxs.com — Cisco Umbrella Rank: 230
17 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
159 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3064
google-bidout-d.openx.net — Cisco Umbrella Rank: 2947
rtb.openx.net — Cisco Umbrella Rank: 1517
913 B
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
4 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1039
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
cloudflareinsights.com — Cisco Umbrella Rank: 1106
11 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
1 KB
3 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1506
sync.1rx.io — Cisco Umbrella Rank: 570
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
at.teads.tv — Cisco Umbrella Rank: 4119
s8t.teads.tv — Cisco Umbrella Rank: 2886
5 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 39569
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
r.turn.com — Cisco Umbrella Rank: 3005
869 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 94045
643 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
574 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13782
551 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3074
376 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
13 KB
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3344
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3504
904 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3290
8 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
451 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
640 B
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 139
454 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 15164
253 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 21453
142 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 pubmatic.com Failed
hbopenbid.pubmatic.com Failed
190 39
Domain Requested by
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
s0.2mdn.net
www.googletagservices.com
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ufile.io
s0.2mdn.net
22 ufile.io 1 redirects ufile.io
20 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
9 s0.2mdn.net ufile.io
s0.2mdn.net
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
9 securepubads.g.doubleclick.net ufile.io
securepubads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
6 googleads.g.doubleclick.net dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
ufile.io
6 client.crisp.chat ufile.io
client.crisp.chat
6 c2shb.pubgw.yahoo.com cdn.adapex.io
5 www.googletagservices.com dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
5 ib.adnxs.com 2 redirects cdn.adapex.io
googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net ufile.io
ad.doubleclick.net
4 cdn.doubleverify.com dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
cdn.doubleverify.com
ufile.io
4 gum.criteo.com 2 redirects static.criteo.net
4 www.google.com 1 redirects tpc.googlesyndication.com
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
4 dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 x.bidswitch.net 3 redirects
3 mug.criteo.com
3 fastlane.rubiconproject.com cdn.adapex.io
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 r.scoota.co 2 redirects
2 oajs.openx.net 1 redirects
2 cloudflareinsights.com static.cloudflareinsights.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.google-analytics.com ufile.io
www.google-analytics.com
2 static.cloudflareinsights.com ufile.io
1 portal.o2online.de
1 tps.doubleverify.com cdn.doubleverify.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 rtb.openx.net dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 r.turn.com dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 rtb0.doubleverify.com cdn.doubleverify.com
1 static.criteo.net securepubads.g.doubleclick.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 s8t.teads.tv ufile.io
1 at.teads.tv a.teads.tv
1 stats.g.doubleclick.net www.google-analytics.com
1 prebid.media.net cdn.adapex.io
1 tlx.3lift.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 ap.lijit.com cdn.adapex.io
1 tag.1rx.io cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 cdn.adapex.io ufile.io
0 google2waycm.netmng.com Failed dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
0 hbopenbid.pubmatic.com Failed cdn.adapex.io
190 65

This site contains links to these domains. Also see Links.

Domain
www.ssllabs.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
crisp.chat
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh

This page contains 22 frames:

Primary Page: https://ufile.io/
Frame ID: 09C703DADB7EA4C4F83A99F119CA2CCC
Requests: 71 HTTP requests in this frame

Frame: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661011200
Frame ID: EB8AED479F16BA3A6DF907E7648B3810
Requests: 3 HTTP requests in this frame

Frame: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB7F1D01090A69E87F67597C851D85FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CBCDDCD3910B45C258AC1A54A21A8B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B6F2AABC39E290C09EEF0F920E665E5
Requests: 2 HTTP requests in this frame

Frame: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7ED1FFE08A273ADA35FC4F3E2D3D8449
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Frame ID: 821155C7A432DF5EC2184B2BAF134823
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ufile.io
Frame ID: 2399B327D030D4A97AD731A62B42F956
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 366DD0D84C726771D88F403D4AFA25ED
Requests: 3 HTTP requests in this frame

Frame: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC6D5FB96901C727655F5D1B4FF278AD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html
Frame ID: DBFEAF8F3FE6FFA1817B35259E878B77
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BFC5C1624D216DDA5AF890E3914FA1F2
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 47532E04CDD598DC20B9A00AC653E464
Requests: 1 HTTP requests in this frame

Frame: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 36B01C4AC9173C4A0594FCD05D75044D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Frame ID: 1E5B89871CA8757911E22BF08191C4C1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9764A0A80B284E26BB824EE76DF5AFE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4CD217CCF7770F93B34861B922BE4516
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
Frame ID: C9E69CDF0593236726B3AA9E1C20919A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD243262F31049223D8F78CC14819B5F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2960.js
Frame ID: A02D627B7FB1359AC3BE244FA9E3871A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E049F011BB4D10EC1B0D08CB6418104
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: E2BE32E49CCF337EEA0D92543A661A2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ufile.io - Upload files for free & share them without registration

Page URL History Show full URLs

  1. http://ufile.io/ HTTP 301
    https://ufile.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

190
Requests

87 %
HTTPS

41 %
IPv6

39
Domains

65
Subdomains

49
IPs

9
Countries

1947 kB
Transfer

5419 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ufile.io/ HTTP 301
    https://ufile.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pPMTR3x1MXI2cHdtKzNuOVlkODN0a3A4dldhclg0c3d5anpTdTFiSFRNUU1YN0dXMTF1clRTN0lRWGZLeVZ2VTg3dzFIZllrM0xHVTBNbmxETWUzZWk0Vzdnb0tYSWRnL3dFRDNyNFRhUHFwVDBxWkxsaXg5NVZ3VWdrd1NtNkJuTHE3LzZpWXU5dGl5djdBd3BXYmRYTUo4YUs1bkM4RjY5UjVuSzNCR3JpNWdicWFZbVFyVldVc3gybEo2R3BscEhxV1BESlVjMEVVc3crdjc0bFJnS2x0MDdMcUNxdWxDTWptS3RsMXBnc3FUd0FJPXw&cppv=2
Request Chain 85
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp&cc=1
Request Chain 95
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=3&topUrl=ufile.io&bundle=cyuUdF96UVZ3N3dZMEVEMzd4dHQyUnJHNndiWllKSCUyRnVsJTJCZFhtJTJGcDh5S3YxUjQyaUl0a2RkazBNOSUyQmhBVE9OZCUyQmNZWUd5WHN1U3B0Z3RiT0U0Rm9nZVlNWTRYczV4RnFEeTVBTSUyQjhxN0hacXRzNUNNdnA3RVJoMDJFWiUyQlFsWnE0ZVNu&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=v8gkUnxGaUg4OE1Bd2kzelJvdVFNZ1pTdzdWMXhMYU1QVGQ3MXdoQmM4b1dnVUlUSzUvaCt4azcrK1FlYnRiVnVSZXhpTm5qNStwUEsycEIrdjExLzZBenluUTlpSUxoR1BDN2tudUM1b3poWE4rUWJ3S0NYUnJEVXdqa2grd3B3VEtNSU5TQ0ZRMUxzVitiRmhEY0tPWDdwSEpydUY2dHU3STB5VEE0bk42Z1R3TEwyS0gxN1dxTkI4OUJXNk9Hd3NPSHpvNzBNZTlBMklRQUlEanFEZktjYnRrUlFBUklnbXRpbU1qQVAxQ0w3Y0NFRElQWVdWTEVmQnVtbTc5ei9IMGpFc2dxaDJRb0lZMVQ4YVRaSWRyTnh4dz09fA&cppv=2
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1&C=1
Request Chain 98
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwEQ8iYmui07mbuQbd.WGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEP7g1giloALG_i1VsdZwQ&google_cver=1&google_hm=2
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJuUmoJlmOW5nddUzkAcoos&google_cver=1
Request Chain 100
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1
Request Chain 133
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwEQ8iYmui07mbuQbd.WGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1&google_hm=2
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENtz1gebThTvnNUvi5JdvIw&google_cver=1
Request Chain 135
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Request Chain 146
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1&google_push=AehlK4CE1eQyf0HlTU3dDsMoy48OWh6lwRr6yXT3biV5cBm61R1LaPf-ulsZYhKx76AU_LBH_GWQmHZ5-votAwgJfWlTdi_25_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5NTU3NDA2MjczMjU5MDI5NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1
Request Chain 147
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y0766N042wHXwXtj_EIyQ5TueOvhHCyekQD0JAL5ozYO0LKWJNvwkwA9cG&google_gid=CAESEE4d_Q_ImonSNIsUoj-DiJI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdFUThnQUFBTEAwZHkyQA&google_push=AehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y0766N042wHXwXtj_EIyQ5TueOvhHCyekQD0JAL5ozYO0LKWJNvwkwA9cG
Request Chain 148
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPwjGXsC54f2eiJ2bAVRc6U&google_cver=1&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPwjGXsC54f2eiJ2bAVRc6U&google_cver=1&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2 HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=0f81952d-33ce-4a9e-b4a2-da8a226846b4&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2&google_hm=gROfcO2tQOeG9qlBbQyZTA==
Request Chain 149
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6juFoDD3jfr8QdnWKaSvY&google_cver=1&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0-w5Y3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0-w5Y3&google_hm=NzI2NjczOTQ1MjgwNTI0Njc0NA%3D%3D
Request Chain 151
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGdFe2LTfT-Y5HQ7uyay6z0&google_cver=1&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-VdmO3OolVpgBCq9EnP8ZUhbUACEPFA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGdFe2LTfT-Y5HQ7uyay6z0&google_cver=1&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-VdmO3OolVpgBCq9EnP8ZUhbUACEPFA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tamEyS1JwRTJ1RVRoSHFqRlI2S2g5NjBQLmxrM09nUH5B&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-VdmO3OolVpgBCq9EnP8ZUhbUACEPFA
Request Chain 169
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 170
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJiXHDLTJ8uxYh8xBPK7z4o&google_cver=1&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0GW93CuNPqW7v HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2oJ3LPAXT-uqQQrsUGCtzw2&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0GW93CuNPqW7v
Request Chain 171
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyOLnhgMfH63s_SSvfyhdw&google_cver=1&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyNOtw8DERlRfB_ov-64HXR89GPn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyNTAyMUstWS1NOVBG&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyNOtw8DERlRfB_ov-64HXR89GPn
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_cver=1&google_push=AehlK4BZke7ssg0egU1L-ALizyvMeDtDexAPv4js8q9BAJinTYbNDCKh1goEr55vkOjmwXpDK8GWjbZXXeKHP8Xcer56IIpkMya8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_hm=YwEQ8iYmui07mbuQbd-WGQAABKgAAAIB&google_nid=index&google_push=AehlK4BZke7ssg0egU1L-ALizyvMeDtDexAPv4js8q9BAJinTYbNDCKh1goEr55vkOjmwXpDK8GWjbZXXeKHP8Xcer56IIpkMya8
Request Chain 173
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHwO9Kuhn7tWebaFzh-1rMI&google_cver=1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661014258971 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9778ccf7-b699-4c16-ab44-3dc6038454ba-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV%26google_hm%3DA5d4zPe2mUwWq0Q9xgOEVLo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&google_hm=A5d4zPe2mUwWq0Q9xgOEVLo
Request Chain 174
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJTxFetDZAV83zkMpfGMF1c&google_cver=1&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z&google_gid=CAESEJTxFetDZAV83zkMpfGMF1c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4NjEzMzA5NTg4NzE0MzA2MTI2Ng%3D%3D&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ufile.io/
Redirect Chain
  • http://ufile.io/
  • https://ufile.io/
79 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
11f93382f1da2d64bcf833cf8a267212159c034d0fc21b904d2b6f6e6e5fb2a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
73dca17389399112-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 16:50:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7yjJhtoqzaWwUbA%2FYsw5T0Xeg0ItQVeTwXZy8lOD8mKKTv92VCCLY16k6X%2BNU46AKHjN6P7Dra13BK7%2BF7tRwGBDjPVNkJwWG523tUqY5AcmLJcIfy0HfPTVru%2BIIPQPxcJd28k"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.24

Redirect headers

CF-RAY
73dca1730bfebbfd-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 20 Aug 2022 16:50:54 GMT
Expires
Sat, 20 Aug 2022 17:50:54 GMT
Location
https://ufile.io/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuBuFMoiPxuMVbJEPDMkJ6m5qYaijaDfnln3qzc81HaYqwnbT15pKk9zoYwhpVurBGQD7Zh7o3Q6l8aOUNluKZf4Phvr2TKaofZWFDPAcCHeWX9Re6ZXtI1Sg6Btlx2GKzq6O8fl"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6fb17d3977d267dfb04337c9d1ba1ccd07577c97886aeb2d8ba76b4dcdfea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28489
x-xss-protection
0
server
sffe
etag
"1308 / 652 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Aug 2022 16:50:55 GMT
aaw.ufile.js
cdn.adapex.io/hb/ 		510 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.ufile.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb604ff208c0df7df3c773aa7cfc3a2d206aec1efe93e48c8e15c6add9661bbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10631
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 20 Aug 2022 13:44:46 GMT
server
cloudflare
etag
W/"6300e54e-7f8fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpOOJ6nOeukKpBV4ug1IVS7n3ZxJyc%2FWjyTXliwoEKbx5gSLZKKBXC0nRdpTOWBxrSsnTJLT72iBcitLNH6luibhFpJrGMY0%2Fe0gdV9K6K7%2FMHWG7lVtmbSSCb9eoJua8Lu6mcewyrN5DJUP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
73dca175f9426919-FRA
expires
Sun, 21 Aug 2022 13:45:35 GMT
roboto-v20-latin-100.woff2
ufile.io/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/fonts/roboto-v20-latin-100.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1845425
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15808
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3dc0-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo9otKZ4qWetr5QAqCD2jg%2Bpurlu%2Fvt6ydlZ361bKf98TUjPHYv48oFxvF3xOUZ7j3Umqy5hLt6NGPFlCrarWtnTmM64pRunLEsi8Kf%2FOkv1zcdCHwnQkSQI3udqIxU3IpRKAA3g"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73dca175ab2a9112-FRA
20.jpeg
ufile.io/assets/img/backgrounds/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/backgrounds/20.jpeg
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a931a4861171005aee69083bcd4f241fa94dd3d401f27de9f180c5c55e99a62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67206
cf-polished
status=not_needed
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87954
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"15792-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hRYP7c%2BeMzP%2BfhMlYD2PXO7IbZ8s9ekqLuoxrNyFgle4S8TOzzVj7cUa3%2BG2XOUxDfHYVbPO%2FjUMXF12psWOvlKtwnSWPnBcRocaYlw2srvPeDTcTAKSrDkkkzhQzcZV1pnmyZj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73dca175ecbc8ffb-FRA
cf-bgj
imgq:100,h2pri
spacer.png
ufile.io/assets/img/ 		34 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/spacer.png
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2357938
cf-polished
origFmt=png, origSize=152
content-disposition
inline; filename="spacer.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF1dIe5ftgIpwFcQpiW3ufhRUgcxBVyKLS6BzOHkOqEfq44BGmzv%2BozML1aLH4%2FdnLIu3HD9cgwkI2Q82K5pv1%2B4DRG%2FUMriIvO4i4K%2FaGHHKKHU2JGq%2F7vhQxctdP30VWEh7cTT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 20 Jan 2023 09:51:57 GMT
cache-control
max-age=15552000
accept-ranges
bytes
cf-ray
73dca175ecbf8ffb-FRA
cf-bgj
imgq:100,h2pri
dropzone.js
ufile.io/assets/js/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/dropzone.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d416d7edf7d9d6f041761f68d1057b9c1607be38b6d682e87266f54f2492baa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836134
cf-polished
origSize=119870
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d43e-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6%2F7vdh7i91QECJhd2NyshirW79QWourjxRIuYSLE1cz5KIvx39HPRAVq4sEUk5w1G7U4gkc%2FHkV8vowy1s4zBmPh%2F9fPv6E9wdgo%2FITu3QQ%2BeK0qXFaGYre3Y6K1pkRzEcMld%2Fz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab2b9112-FRA
cf-bgj
minify
countup.js
ufile.io/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/countup.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9386b81002b3ada59667c03a326520500de5db4f6c8252d5778203613bc19eb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157516
cf-polished
origSize=7233
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asa5xrMWcKEpdmtTO16A1oBmD7NkZ1jX%2Bt%2FR2H41C1FBzrcMVyQxMbUWL8%2BpbC3jau9KVimyzwc4k99iTmV32e0J%2BKgcLDxmCUz5Tq%2FRP9C1xa4I%2FTLbZvZKo8PWBpSxC4L1GGoI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
73dca175ab2c9112-FRA
expires
Sat, 06 Aug 2022 05:46:02 GMT
homepage.js
ufile.io/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/homepage.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b1142f321e90d47eefdebcbd06e54161d28b08628c076a4dfeb7ce4b3730ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1550216
cf-polished
origSize=17651
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"44f3-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNbZm5ESfhPU%2FE4kABtydJPI5bBVCnz7RSuR%2FDJPaN8fq1LGFMxMvEiLjhpTnF2G336FYUHDMCmdW2JBznBjwPYbN8eooXIf71luGpFS4R0trSkqodr9Xrj3V1y5finbUGTyTTlU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab2d9112-FRA
cf-bgj
minify
dropzone.css
ufile.io/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/dropzone.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b5f6dfaf48d5ae3fbc61a289a621749cd6f68d16ea3b4dc05f8c90021637f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212171
cf-polished
origSize=10764
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2a0c-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e64qiK6voPrwdHVe2WCPbYwp2OTJELAf7px7HqMItJxHWP4L8XihmMeTgz1%2F%2FHTld5j0XKFiytjKy%2Fi3b%2Ba6b1GBhstqOkErKRREFMTwgkbJ67IOXOvugqxxRJA%2FY30y4WWbmFdH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab239112-FRA
cf-bgj
minify
bootstrap.css
ufile.io/assets/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/bootstrap.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1845425
cf-polished
origSize=41042
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a052-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzDiLfqXpAr7JgSNFgshnHn82V0c4A89ytNJudymmGz%2B6S0UiBRVxEJUC9qaJisPh7xCcbN2OKMkdvTlEZCo6PHvayxC0%2BFOyQR35eQQF8xh2dRMzU9Qrv4x9CwWphKLQvK6Cg8f"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab279112-FRA
cf-bgj
minify
theme.css
ufile.io/assets/css/ 		86 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/theme.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1556888
cf-polished
origSize=114399
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1bedf-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l%2FCRghZCnxDi4W9tO%2FOHucWjxf85OnoLo4oKMfmq9y0Vuhm85k8hZvVpnvs6fSMv2xJAL9IJilUPfApeDh6cJDkXG%2FRiHMCNZTaQ04BjlDu6fk%2F%2FyuoICAxrLa5jvf5TEcHLEvP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab289112-FRA
cf-bgj
minify
utils.css
ufile.io/assets/css/ 		60 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/utils.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1847399
cf-polished
origSize=76432
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"12a90-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvF2mIYu0NJHlS0%2BqdGXcUCYVJycgTPEaVqAQfl9%2FBUjbWX2KIiDoFBEyraN8GC7%2BDr60f82SHnKG1zOcJfXexx11gMvj3FFGCudc4zDIP3jNGeyPj9RK%2FmqnPOnm0TEv4SNA%2Bj%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ab299112-FRA
cf-bgj
minify
logo-dark.svg
ufile.io/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/logo-dark.svg
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2361106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnz64VceOSY5zT4uhX3%2B0ILazePiEL7jsi6lZPL8f2TGBO%2FvVe9sp2BZ6jjNCpFAQ5ZGbsVS%2B3Qy6QZyU0pRLSxQc2dwodoWhqMcvmQKYcKlozlzmGdO2jBJiIY2tD3MU74g%2Bx2z"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
73dca175ecc08ffb-FRA
expires
Mon, 24 Jul 2023 08:59:09 GMT
jquery.js
ufile.io/assets/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/jquery.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366002
cf-polished
origSize=89500
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP928N5gSzw8CpUPJ65%2BpfrZY0LGQcecET7e2i7YVcdhSLEH7tnmKVPSOXB%2FzZtrJxkBq22xYeGL0Kmund0CJ5mSWDj90lprS1aqK6Tjs6iiA8TT%2BxfVjghZWgAfpyZ0ehig8Miu"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
73dca175dca08ffb-FRA
expires
Tue, 23 Aug 2022 07:37:33 GMT
utils.js
ufile.io/assets/js/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/utils.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1843824
cf-polished
origSize=47601
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b9f1-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JjCxFP30H7w7IYxJzgaXFfFkIVGznhf0ewh8nuWf6Y5VK3ytDFO8%2BsQjwWMEtPHvIfqGt56edgroPqtcUkW74HJFAvVU3eeMLL9aBmZ46kenbriVQWW%2BPM1LtiKEHmoiheop6Ef"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
73dca175ecba8ffb-FRA
cf-bgj
minify
global.js
ufile.io/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/global.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2357938
cf-polished
origSize=36623
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsal1ZZ1lfKD%2BsAqExotgL65MGjG0GgNhkwZ5XJL2dmAikenkGu6GeBOYsJIoIHlHrtdKqAr5KJFEUOPpFvs5AJ6wX968e%2F8gMv9q3IkY%2Bubtyl%2BT%2FGrV89MohScge1hJGbYNVy%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
73dca175ecc38ffb-FRA
expires
Tue, 23 Aug 2022 09:51:57 GMT
ab.js
ufile.io/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/ab.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2364116
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21k1hpbbtteLRtwsfQNLBbUdCSQ3lDh7vCBiuWYU%2B678nOmZHbMfLFo5X7mT6jPU1kxmn1hinTUOw9WYbuHLmKSxdRENqo8cM4BRXgivWBIH%2FWZipzlWJHax%2B84ca2IAhDuhbUPR"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
73dca175ecbb8ffb-FRA
expires
Tue, 23 Aug 2022 08:08:59 GMT
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
73dca1763dfb9bca-FRA
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://ufile.io/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
73dca17639aa9bee-FRA
pubads_impl_2022081601.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 12:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133485
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Aug 2023 12:33:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		158 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
37d926ff1774efcd9da2eb444744d43997376fc9c8ac940785e94f6a13cfc89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Sat, 20 Aug 2022 16:50:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6535
date
Sat, 20 Aug 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 20 Aug 2022 17:02:00 GMT
/
cat.hbwrapper.com/ 		15 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ufile.io
Date
Sat, 20 Aug 2022 16:50:55 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		315 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b470ec22e4af19429e3da9ccd03ef915dcdf7335bea39dbcf2dd3bfa9d69e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
73dca176fdee6977-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
tag.js
a.teads.tv/analytics/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b893bd2153c34ffae47bee4e470670b7f65a55135bf39a131d023fd4c2ba66b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
uZMEoVhOghL9XuJuFLGinh5uCFWijwOl
content-encoding
br
last-modified
Thu, 18 Aug 2022 14:25:33 GMT
x-amz-request-id
YPJV93BC1B4VTFNG
etag
"6b159f6384154e305adb1de0b3d16c4a"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Sat, 20 Aug 2022 16:50:55 GMT
accept-ranges
bytes
content-length
4821
x-amz-id-2
hMxzSeckxZC+0+vkdK/6dXKV5CDS/iUtPMeSKv3Y4A9DKK14wdFKmkpIly+9qrY+Km9oXpvMSmI=
invisible.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame EB8A 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661011200
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1932f5f3ad3ab10f6614bccdecb74c573badb2093f616a95648d3f9e296e9d92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urkio2ZnEN0fW9IPuuKvewEQM87FyXcaMf%2FpmpVT%2FW7wB2LUuqmqM0E25no%2B42LUcSPuQbVbMvSAEMBMOuqMUs0KBP98oDHnjCfarYyTlpB%2B1VHDUqy%2FetM1crPdiSuLqDHqBXpr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73dca176ddc78ffb-FRA
vary
Accept-Encoding
fa-solid-900.woff2
ufile.io/assets/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/fonts/fa-solid-900.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/assets/css/utils.css?v=1563114509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638e43a6b51019f159d93c0e1c2d56eba3a8a0591ddd559727278ee653e28fc0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/assets/css/utils.css?v=1563114509
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh3671XFzK40rFU6XZyGf2ScgFr7QNaZPahkwaCCwaLsRiv3ub00V8YuII%2FCvIGAcwKPdzYQaB0GgwbC2jDxlM8I8woit2aWfiDmZeCvjrcqVLnyEX%2Fu6brA%2BFEqeamXaNgUcySl"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73dca176eddd8ffb-FRA
expires
Thu, 11 Aug 2022 19:02:50 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089845007&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2F&ul=en-us&de=UTF-8&dt=Ufile.io%20-%20Upload%20files%20for%20free%20%26%20share%20them%20without%20registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1965283754&gjid=1155137506&cid=663196376.1661014255&tid=UA-73416834-1&_gid=1625602553.1661014255&_r=1&_slc=1&z=745364196
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2541851722790880&correlator=2420791155366694&eid=31068927%2C31069030%2C44770639%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&iu_parts=22247219933%2Cufile_Vignette&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=812195063&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661014255237&lmt=1661014255&dlt=1661014254960&idt=251&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=663196376.1661014255&ga_sid=1661014255&ga_hid=1089845007&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e00f65b3ee244b14ba9f919a686d5d2ffefe139863ed6392c870ab1581574369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB7F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:55 GMT
expires
Sun, 20 Aug 2023 16:50:55 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022081601.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022081601.js?cb=31069030
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
148ad641ee536ca3305b2a42ac9345f0efa0c3021f6df0c03af8af0e72c7313b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 10:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13584
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 10:57:41 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		380 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d568a24ef9532bd792b0ad6790d0a98e464c4c75055fbb8c004512185fba4c76

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:55 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.222.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
mvo
tag.1rx.io/rmp/247939/0/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/247939/0/mvo?z=1r&hbv=7.8,2.1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
pragma
no-cache
date
Sat, 20 Aug 2022 16:50:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.8.0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
88d8369b68666058956aa206e38808c254e1130d80a9789df8881d36838478ff

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Aug 2022 16:50:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ufile.io
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		20 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e718b523b305b456a15e459671f8adaff9f5598b409f8cfe96edade246b4f7f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Aug 2022 16:50:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9d72fe9f-4b89-4e57-8958-d7a4936cd5ac
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.153.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-153-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f6e469f59251b2760f2061fd912cc9c11afcfe487e32d2fa288929fecc9ccc06

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.8.0&referrer=https%3A%2F%2Fufile.io%2F&tmax=2000
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.39.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-39-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:55 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f8ea88a544a98c57433566110728712131a95fadec32603be8388f9ca437f023

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323466&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,,,&eid_pubcid.org=c60b622c-4ca2-4790-a934-3793a11ba151%5E1&rf=https%3A%2F%2Fufile.io%2F&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2F&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_top&tg_i.gpid=%2F22247219933%2Fufile_970x250_top&tk_flint=pbjs_lite_v7.8.0&x_source.tid=0b5d9057-ebb2-471e-a75b-4dba3a051ab5&l_pb_bid_id=748aa21923cbb94&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.7865593700429345
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
43a42575bcacf7e9864dba93e2d13054877ff8e6555d9e8ce11095feaabebd49

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		415 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323478&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,,,&eid_pubcid.org=c60b622c-4ca2-4790-a934-3793a11ba151%5E1&rf=https%3A%2F%2Fufile.io%2F&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2F&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_728x90_stickyfooter&tg_i.gpid=%2F22247219933%2Fufile_728x90_stickyfooter&tk_flint=pbjs_lite_v7.8.0&x_source.tid=0c9de764-2df0-4b72-8ae0-d16ad2e899d0&l_pb_bid_id=756be2b0c15a0b5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.8154928965954438
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ade280a7e3c14b3cb712a4bd7c14f09ca7948dd8fadd51b1e7498721e600692

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
415
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323468&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,,,&eid_pubcid.org=c60b622c-4ca2-4790-a934-3793a11ba151%5E1&rf=https%3A%2F%2Fufile.io%2F&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2F&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_mid_1&tg_i.gpid=%2F22247219933%2Fufile_970x250_mid_1&tk_flint=pbjs_lite_v7.8.0&x_source.tid=e04c898c-0975-4284-ab7c-3d58c9aa38f3&l_pb_bid_id=76c7ec404d59322&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.21945943017205627
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
07cae07a9a6b90715b18d514826a9c4ffe85c55526a14ec36ad33343de35b7d8

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
406
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8366a4aba69c2e526fd19840dd40af877ac4144edb95e139263eaa59a82819b8

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
94b33ed3c8183907fe4a877f0fcef26dd622c3d844b00def92423c90e365b32e

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b4180da31dbc2f62ec1b4d62d696b1884e12790176ac40faf48fe36dc02ab6fd

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Sat, 20 Aug 2022 16:50:55 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Sat, 20 Aug 2022 16:50:55 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Sat, 20 Aug 2022 16:50:55 GMT
server
ATS/9.1.10.25
collect
stats.g.doubleclick.net/j/ 		1 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73416834-1&cid=663196376.1661014255&jid=1965283754&gjid=1155137506&_gid=1625602553.1661014255&_u=IEBAAEAAAAAAAC~&z=691410993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 20 Aug 2022 16:50:55 GMT
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/ Frame EB8A 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a9a06f160aba46bce077eb347217241b7504127db48aba848e5d834f3667dd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOTypy9CrRjnjfbVBWdvKteO%2FIKqnz4KVu3UTQuMl4kpvJB0QM%2FS87qdvUfDSsAbps3hJhwRZBNSafMZGk9ZsWqhHuxOipOMqyjKyqPkTf%2B0l6OW%2BB7%2BNGb%2F1rgjIURw9mdg2fcQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73dca177aeb58ffb-FRA
vary
Accept-Encoding
fpc
at.teads.tv/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=cc252b7&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:55 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sat, 20 Aug 2022 16:50:55 GMT
interface
s8t.teads.tv/logs/publishers/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/publishers/interface?sharedIdsCount%7CPUB_17018%7C0%7C%5B%5D
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::26e5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
73dca17389399112
ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame EB8A 		2 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/73dca17389399112
Requested by
Host: ufile.io
URL: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661011200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3bdveX%2FYZH3rhd0sz9JzZH7Dg9eV3oBveTW1CIs1f33qYG3hIbxJNjOboWlhiUKl88F%2BtmimQB8GuhTWcLdpeLH%2BGqafLW3S0%2F0BLLR5UHjGv2snOoECFvvdRKOUSvu5uhQY%2FN6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
73dca17989118ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
l.js
client.crisp.chat/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
606544e1a9799b24a9adb613926b64f4d8e6a920c46c8453dcafbbf5f3aa7524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7938
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Mar 2022 13:16:27 GMT
server
cloudflare
etag
W/"622f402b-1f63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
73dca17a0bd49165-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 21 Aug 2022 16:50:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c47615c86ef433100fda4278521445d7bbd7d094c47c9d6d1972b0788426b005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11156
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://ufile.io
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
73dca179efe49bee-FRA
vary
Origin
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
86400
cf-ray
73dca179bfa79bee-FRA
content-encoding
gzip
content-type
text/plain
date
Sat, 20 Aug 2022 16:50:55 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
client.js
client.crisp.chat/static/javascripts/ 		379 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?77e826c
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a586d884a1d5413849783bea66cb216710fa58ff31bc5bdcb224ee2badae3307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7938
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-5ec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
73dca17a7d0c5c20-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 17 Aug 2032 16:50:55 GMT
client_default.css
client.crisp.chat/static/stylesheets/ 		327 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?77e826c
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c61bb6004fddf317317d374c110f542c304111ce52b5f4603cc13b04ed0704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7938
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 02 Aug 2022 14:37:14 GMT
server
cloudflare
etag
W/"62e9369a-51a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
73dca17a7d095c20-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 17 Aug 2032 16:50:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:50:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CBC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 15:07:35 GMT
expires
Sun, 20 Aug 2023 15:07:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9B6F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bc6f07f2c9534b1ac31df7ed92a03dda250fbd0304fa7d4a6737a00154049c95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pz8zuFL8L-x2PA1S_-h1BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pz8zuFL8L-x2PA1S_-h1BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:55 GMT
expires
Sat, 20 Aug 2022 16:50:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/ 		213 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-7-20-16-50
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a14100f222a17b1eb489c807cbb02ce82d6eb8c17413b9743e35e175a66d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 20 Aug 2022 16:50:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
73dca17b8e7f5c20-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sat, 20 Aug 2022 20:50:55 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 8CBC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=2541851722790880&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1643547457112
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12331
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 20 Aug 2022 13:25:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
73dca17bdf085c20-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sat, 20 Aug 2022 20:50:55 GMT
en.js
client.crisp.chat/static/javascripts/locales/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?77e826c
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9daaf2ad15bece2b36d07d071fc920778be6efe8b5c9d03436a0ab13cb1a4b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7924
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-182b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
73dca17c1f7d5c20-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 17 Aug 2032 16:50:56 GMT
generate_204
tpc.googlesyndication.com/ Frame 8CBC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ux_5IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=2541851722790880&bg=!Q0ClQATNAAYUOm8VNDo7ACkAdvg8WqXVRSF2KkuVAXQzY2GzlpDjCPwWEDHGfRTCu9lFaDRJNiMbAQIAAABsUgAAAAdoAQeZAs4vLWvN04BJpwwDwOAA4vt633D3zcWt17WJkzdxshgyD8Kf-rnOuGf-Mnr57mdVBHYyFT5Zopz8bsMsTM35mP7ObpJIl76GTrWnqQehhuior-d5yD7-BiSmoZ33nsJ8Nn0OnYCjOwvllqtdvuYhnFo6UKFHhWjHANtPMikPYrQJ_71rXyPxEWzaiRxAUp16DoU_taOWWcGd3_hSxg-2yPL-OS9lzGL3z7qDcvqzRrJvr9Olu1UFNZZvog6jIZUis9aK_fhe-MPDPb4AZvJmK9WoTIoKuoF2yqljRCQxSEJ_IprSBsrvU0wPVqPTA2P6Si5Zjn5vgIbwBfOhxaympacMqb1rzgZeMzyYy8dXxdZCDrVmsIF2N5k0WbEozHWYAHdFnCJ_VxZd8UUOBRSwDy55GErsQ_2pRpdr2Xc10hLFg7lqb6aVzPuE30bQLPjCKmnstjEpfxO0rvM0qk8D9uJw95XQ4Lsq2XyrJyq1fg6qbK30SrygxXuwIqcdnfDxownzElykQ_eEY8fan9E91vOGn7B2VS6P_caGYjmd58micEseVcDKAPocfLzGXyfrhLQwJ_WcwMb9j02FnP6oViCNlfACX2D1TMD_MNQ8CJiucuP98YCIUxParXxyRN50X35zSnmAGWTKDSs0d8mgoIkBSDpuBZFmQU-_5ugfhj4328fx772J1hrCqo4OETJrbQFB28TbyyOmGXxZr-h8yutxIHKyjYOt3UF-XJuNhF4QkY3Sbi1C9EP9KDKjioQM3dmI583jPA-KTkXv4pLDUSqoz3AL_EEo9laNjW1V4gPsLkENbtMT7Lbno4jBimtimhZ-sYV3GQqQqTorF1HE3fWMzT9RajfsM1iRHk7MUN4lWZiWSjGUut_dvJXDGZrqm92OE-Unr1d-dXHtqw6LJEjB6eDz6uVXjWxDckeSy0x_ONePUZtLCVV35Cs7goaK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
file-types.svg
ufile.io/assets/img/icons/ 		29 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/icons/file-types.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2600697
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiuUFt8i0%2FtC7T4Bv2ev6MGmDeKdMbL6ILRqVPPNh%2BCZp1Z4347xF2dVw72LnmpJf6EPrJskych6fQcr7uo9aps%2FNCb68fkL9Ioi5e%2Fjbsqd9%2BzOVZjVocpd%2Bht%2FYKSliroH%2Bmq0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
73dca1815b598ffb-FRA
expires
Fri, 21 Jul 2023 14:25:59 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 20 Aug 2022 16:50:57 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1478
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pPMTR3x1MXI2cHdtKzNuOVlkODN0a3A4dldhclg0c3d5anpTdTFiSFRNUU1YN0dXMTF1clRTN0lRWGZLeVZ2VTg3dzFIZllrM0xHVTBNbmxETWUzZWk0Vzdnb0tYSWRnL3dFRDNyNFRhUHFwVDBxWkxsaXg5NVZ3VWdrd1...
355 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pPMTR3x1MXI2cHdtKzNuOVlkODN0a3A4dldhclg0c3d5anpTdTFiSFRNUU1YN0dXMTF1clRTN0lRWGZLeVZ2VTg3dzFIZllrM0xHVTBNbmxETWUzZWk0Vzdnb0tYSWRnL3dFRDNyNFRhUHFwVDBxWkxsaXg5NVZ3VWdrd1NtNkJuTHE3LzZpWXU5dGl5djdBd3BXYmRYTUo4YUs1bkM4RjY5UjVuSzNCR3JpNWdicWFZbVFyVldVc3gybEo2R3BscEhxV1BESlVjMEVVc3crdjc0bFJnS2x0MDdMcUNxdWxDTWptS3RsMXBnc3FUd0FJPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ccd695fea5c3ca4fd39d824c339ac397a68d641c798c92e73ef5a4a611473b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:56 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2986
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:56 GMT
location
https://mug.criteo.com/sid?cpp=pPMTR3x1MXI2cHdtKzNuOVlkODN0a3A4dldhclg0c3d5anpTdTFiSFRNUU1YN0dXMTF1clRTN0lRWGZLeVZ2VTg3dzFIZllrM0xHVTBNbmxETWUzZWk0Vzdnb0tYSWRnL3dFRDNyNFRhUHFwVDBxWkxsaXg5NVZ3VWdrd1NtNkJuTHE3LzZpWXU5dGl5djdBd3BXYmRYTUo4YUs1bkM4RjY5UjVuSzNCR3JpNWdicWFZbVFyVldVc3gybEo2R3BscEhxV1BESlVjMEVVc3crdjc0bFJnS2x0MDdMcUNxdWxDTWptS3RsMXBnc3FUd0FJPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1484
content-length
482
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2541851722790880&correlator=2420791155366694&eid=31068927%2C31069030%2C44770639%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=2&adks=2383113923&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.11%26hb_adid%3D82536bcae434a54%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D5%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3Dpubmatic%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3Dpubmatic&sc=1&cookie=ID%3D4dfde6bd1f114473-22384de3fdcd008a%3AT%3D1661014255%3AS%3DALNI_MZZkuyygLEv7m8xj9HZ594kKLHHvA&abxe=1&dt=1661014257319&lmt=1661014257&dlt=1661014254960&idt=251&adxs=230&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2F&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=663196376.1661014255&ga_sid=1661014255&ga_hid=1089845007&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d9a017fb9c5ce88223233fe2ad652e3542b9b666de3c33b1c5d06b28f226a84e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12511
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2541851722790880&correlator=2420791155366694&eid=31068927%2C31069030%2C44770639%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_728x90_stickyfooter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=191736179&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D5%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3Dpubmatic%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3Dpubmatic&sc=1&cookie=ID%3D4dfde6bd1f114473-22384de3fdcd008a%3AT%3D1661014255%3AS%3DALNI_MZZkuyygLEv7m8xj9HZ594kKLHHvA&abxe=1&dt=1661014257324&lmt=1661014257&dlt=1661014254960&idt=251&adxs=0&adys=6747&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2F&frm=20&vis=1&psz=1600x6747&msz=728x0&fws=128&ohw=0&ga_vid=663196376.1661014255&ga_sid=1661014255&ga_hid=1089845007&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
02b404a7134ae0fa79c5812f2a54eff95e2f2fc102a45e9de459426f737d9edd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10584
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2541851722790880&correlator=2420791155366694&eid=31068927%2C31069030%2C44770639%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_mid_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=4&adks=740537729&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D5%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3Dpubmatic%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3Dpubmatic&sc=1&cookie=ID%3D4dfde6bd1f114473-22384de3fdcd008a%3AT%3D1661014255%3AS%3DALNI_MZZkuyygLEv7m8xj9HZ594kKLHHvA&abxe=1&dt=1661014257328&lmt=1661014257&dlt=1661014254960&idt=251&adxs=230&adys=833&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2F&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=663196376.1661014255&ga_sid=1661014255&ga_hid=1089845007&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
256bd8f357454308a6de2baee717690a2545cb18a03bfe2772e8f6d819994bfd
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIrYsabw1fkCFQuJ_QcdbBAIGg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15396564916658282422/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIrYsabw1fkCFQuJ_QcdbBAIGg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15396564916658282422/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43162
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sat, 20 Aug 2022 16:50:58 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pPMTR3x1MXI2cHdtKzNuOVlkODN0a3A4dldhclg0c3d5anpTdTFiSFRNUU1YN0dXMTF1clRTN0lRWGZLeVZ2VTg3dzFIZllrM0xHVTBNbmxETWUzZWk0Vzdnb0tYSWRnL3dFRDNyNFRhUHFwVDBxWkxsaXg5NVZ3VWdrd1NtNkJuTHE3LzZpWXU5dGl5djdBd3BXYmRYTUo4YUs1bkM4RjY5UjVuSzNCR3JpNWdicWFZbVFyVldVc3gybEo2R3BscEhxV1BESlVjMEVVc3crdjc0bFJnS2x0MDdMcUNxdWxDTWptS3RsMXBnc3FUd0FJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 20 Aug 2022 16:50:57 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1505
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 15:10:10 GMT
content-encoding
gzip
age
610847
x-guploader-uploadid
ADPycdtOeWvsDFPiWsWQ9evx4YNQGTd8nY_VAUfr8nrF_l5_DYpV_n0fBRS6CyfSjINRA5AOcNv0zYTnrujHlQUIkYJQ2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 13 Aug 2023 15:10:10 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
cache-control
public, max-age=86400
last-modified
Sat, 20 Aug 2022 15:03:35 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.102.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-102-143.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:46 GMT
server
nginx
etag
W/"62fb454e-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Aug 2022 16:50:57 GMT
container.html
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7ED1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:57 GMT
expires
Sun, 20 Aug 2023 16:50:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp&cc=1
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1f716cbe7b345f183af97069614c51fc8246a7271a8cd2ea42d16641361a2849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
via
1.1 google
etag
W/"55-LqZldpqk3VevnLYOT5VAPGvsLIc"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 20 Aug 2022 16:50:57 GMT
via
1.1 google
access-control-allow-origin
https://ufile.io
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fufile.io%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8211 		624 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7ED1 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDxLJ2TMAKD7CjUZnINHU_vWCn24oz83C8v8mJPeONSMcb5GjdFlTrmq4lHI71-JPSCzamfmGqdjUmnM_DeuzqnGIafnpboj4tPboHZDWACnAciPA7uwErIKRiKUcw7JoZnICljsyYTLpgz-cUgcS8L2Rzmw&cry=1&dbm_d=AKAmf-B5fhIwVzI2TaXW1lUgznb6dIEYASU-QHpr5olzjsqxq2E7EP4tLUaCH0yd0iWAbxhN4W2e3iYNm-njTjstojPifOkrd1Thz8ku1moThME3Pd7jWvOOcmWz_H7UiK_VDUw4Ml6jnFk1IKrrFj9jdCuDZbBT-84j2QZtq6KxwaUx8L8_ih-P8HEd7bTPxH3k248g7HnxkqnyjrhFqo0KDJv25pb8ZYr4HM8slFDAUp3Quhb5yt2-MFvnHS7oX3sf9PoWuDdO0kpyU9aOh65He5Wo0ia5j1ZmZcmLhqVbFCgzx7rhrjrkTPZhyb1jHcv8U4VNRWTsy5bgHtHyDLsgTUOjmWuok4LYWiiSffoFTXr8OeArDXFqGsP8VC5-Wv1f7uLDPGyX_iq_jvQTU6cdqE5crB3kK_F5KnXJvhp5f-bct-up5XR3K-MLvgwJNx11ganuyLwHTO7oknDgjEW8pJK_d4I941ecZmvGzq0BYluCInRO9jiycIflq6WHnnaJ8jNV_0tvDynIM7hxFcUgPQFM4sW4y1z6pj3Z7ecOhAfeCijhoy9ld90hNS7FCnfbcdV1_28zwddWzEeTFBg6Wk9qV0IO66wi655NdH5pKa15olDJGR69RpZWHd0ORmMxkawNyIiow4Tn73CCsX0V94PuYK7LayI1H3mkrskSTSj1AEgmazNelE-2PJrW83Og8qX0OLuuTllyuzPTXnqkTo7WZTJeSKcVDq89FPFxIRkKJCFZPUHYhCQkwsrmxx04YvUTqtNEQkcaS3aMk95g6IS-CY96_nwPTtx8Rm-iGj-NhFkxeUZx9YTqN3vZhV2NAopw3TIjG0K03afTPTfYMyXIJKatsQv5qPIgdGwG3IZRFQxO0JYlAU61LF9GGCpfe6goxl-OglOeivUR-BcCGknigIeIaquAVKdM_nLpPCN8tmuRd6vSa2J_Ry8CxjEfBYnvuLZsSa2uJ_nWUWd49qUpbn4ede88D80VIgr-5IUAID-ZD8vy7ghXdw_KfOOUy-BfwTr3RxxsQvk8rv8ocrjnZlWgLw7R8UZ5BxWu6wDDICtnNGPA7A7JT76-teC1MOtm6qgbufI6N3buF6he54SGCMt1jysyCfN22KfJ5Do5TrJkYMjQ4gfG-MW1AUmlPgo_aCN1YZLhrBEsOleXHQTb4phpqhpPkIWUced9coxFuTZ6dy0FwZ620EOXO_EDxZU7LJRjKjqw77rp2zP2TWeSfB2YnASB3eUMGOIXzDAxf59rM5Nhu7e8IepIh532I2riDXHMyzZZb2qqlpiKgPrC6tg2V6f4WkAHLJcuRN3yLWEpGiU8RlXz5u84m3YWYJIaBhOZpwJl3f8-ZpX6SNAtgNDghSj4T4RTl0JLBj6MYgndDuQPuEAD5Dy0PGL1cMhPlI0lI_gIzApBE2G8oAgwTo0D3kXoEyFXWoFn_UE81FnJcl0yTX4QsXeLC7l7z81gFj-W_U6oYA_LQk7SSwBPFYLoikwStFS1X0Ed8MAT3BHeWLU7npNEstrVKQKJNvaTLPvKxQihjRqaV9R_A4sFkfOjukqG2oQNZU1PpG6Y1W2S6S6EQIaXtDHm_T1BZmXCSxPo1znlLgeEu-Xdo1Ze1iWY9WgrbqZJettVhxZN37qSuSMoYQmKfuwBUUV9IaoGHNq_ldCpw8wYUAb_SfX6O19-Qhmskbxos2cJh1c8pE7iRRkbROnz8AfKjsuGdZClBsZfEJPY2H4Bi20gE5MbTJCTqokA3hfjcCbQjM36Ng07d8iPjdkzw4ujYxSMy8Tg3L7p6W7XU4uVE7ooVCxXr90tnUwZ0BATKHxr2N30y6D6vC_hU8uADGziT-_AYSgVUHCelSbHQYbjf55-KLydGRqi9oqqXVIFfIoVCIB0TcXp_wSUdgorveSvjjY6WGbBiPLH6aO3hsBY911RJpEmZkqNQnQViSGc_osp7CdCDT7QSjY7AbdvKnUnTtnaVjAu8FFKeUhEhJc-JGQwncSf6Wr5A4Ta1GUi43cdiPY0QqV_W8nA-st4V30KxacEtq8Y3a0Xtq0ao9k9U4VBZ-VQ_4If2mpyGFEG_I62SK9BROriLcbPD-ldi0Q5TFTQSnEFmooV-_tcOYoBgDLKJwPd58C8hfljErIWC7io7HTQyq5DXGjQxe6YOBzadm53qKPU5pwT_zXuC1FT4GHn1egXdd2Ut18EGL8-A2fYBTvTrzZ6sbNWTHPTODDZL2NDHYrIw1eTNrOE3wWcd87OPgFLLVdqt2GOxgi1_EzD6KSwLUrZv6wLd8K8ckR2NQRzHZWq06uRJREaj0pO3QGWlOkYIfldGtAZcIxionH1S4fvcRKBPCY-xcpVBKwYtCPwk5GETYRm-BEVdeSHpHlM-HExvVRfVxYSXWmVurH7knVH7Krm10zrQlLaqIPQrgf6UJKNQ9EahirN086S-Wc3ZDtah06wWuOfO2Ou1tbrdtYeed4d7INjzuyqGefuV_glQUcac7iBiP0tbTOrHh3hpWHUigUcN4NQZs3cphV5MYkDtYm52qfNbC8k9ck3eI_AF1H403YxqBc1X8Opoy64oxgO7GTksVkdp7NVmaqI6DC_X41ryn5L4paJVlABOc9UFvr_-Hum9-EnI2ARxJpRe5XJoZ-uk0IV6AOd2tlwQNuuv39Fto01_PBJHRVlRwkHYhBKCx3zeC8lUZid8YN64ql-vuAhByoJvtBCHuAKg2mFvH2c26jZIdEECk_7tP3OK7-neRuLo7LFJ8L-eLZ-gMM1aLvF9SZDmW5TdoQf4bzzGMBgbdVJn8Cs9haXW9PhbUXUb_RD50Y1HuF9htdBXajovb62poW3XAR5YeF82k8-nNAQusKdECLAja4yY-ABgtIvLAp47DAFA84i29Osbz9SR9-IfjNWVrJFOKs4Mg618WLRkJ1k0pBtmgH7BHJUW1iMkz_H5GCqzL1H2BrT1kgpUmIimQoOSXSwp7FALWiuCSqZieFiAT7ZYovayb78PrSM_NcDoibnjQgRyeBI8lIlD1HydoDYR7-w1JkeElBSrHMvT2LEjIhOXZYdzyGVbVTbfY2FQjqvwm6ZK1bMVcYvPW-fL6ypQ_tJQoNEeLDNptwp9GbMxTN_cDUm4AwhPXFbzrbBNTamQzr-rkf1jo6rIGwXRrCFsc5REYj8tNJXlbF7_x_njNtusG1KgLD9hYUmqH9Ng0FNzjh_triw0XRZBPDNRQ&cid=CAASJORoeWYAjKhUUZw7qb8CWK_hDx4lFUrgDLNveJ8SA1p2_Hi24Q&rfl=1%2Chttps%253A%252F%252Fufile.io%252F%240
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb2db15a118eb6023b5fc113afb0d05ad42fd9beb710d55dc3ca02546393fb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ED1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARSZ7yDKnvhlfqYGNDiYUZAjL00Vq3zy-LhNcEFlMLYSuWBUL7-zLqcC-g3yVtBpN-9dB2hXwcufBhMmgbHazKQoYABsQMYoxpYkRHOeixh9Cqi5Y
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 7ED1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6403183&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hawluYPEjjmvG7d39TIT1n&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16702648460&DVP_DBM_4=414878587&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=568750341312&turl=https://ufile.io/&DVP_PP_BUNDLE_ID=
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 16:50:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Jul 2022 08:29:57 GMT
Server
Microsoft-IIS/10.0
ETag
"f8e0a365b799d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame 7ED1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hawluYPEjjmvG7d39TIT1n&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16702648460&DVP_DBM_4=414878587&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=568750341312&turl=https://ufile.io/&DVP_PP_BUNDLE_ID=
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 16:50:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 11:29:43 GMT
Server
Microsoft-IIS/10.0
ETag
"806d3afd50aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7ED1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:37:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7ED1 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:50:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7ED1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:35:14 GMT
syncframe
gum.criteo.com/ Frame 2399 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ufile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:57 GMT
server-processing-duration-in-ticks
3308
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2399
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=3&topUrl=ufile.io&bundle=cyuUdF96UVZ3N3dZMEVEMzd4dHQyUnJHNndiWllKSCUyRnVsJTJCZFhtJTJGcDh5S3YxUjQyaUl0a2R...
  • https://mug.criteo.com/sid?cpp=v8gkUnxGaUg4OE1Bd2kzelJvdVFNZ1pTdzdWMXhMYU1QVGQ3MXdoQmM4b1dnVUlUSzUvaCt4azcrK1FlYnRiVnVSZXhpTm5qNStwUEsycEIrdjExLzZBenluUTlpSUxoR1BDN2tudUM1b3poWE4rUWJ3S0NYUnJEVXdqa2...
433 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=v8gkUnxGaUg4OE1Bd2kzelJvdVFNZ1pTdzdWMXhMYU1QVGQ3MXdoQmM4b1dnVUlUSzUvaCt4azcrK1FlYnRiVnVSZXhpTm5qNStwUEsycEIrdjExLzZBenluUTlpSUxoR1BDN2tudUM1b3poWE4rUWJ3S0NYUnJEVXdqa2grd3B3VEtNSU5TQ0ZRMUxzVitiRmhEY0tPWDdwSEpydUY2dHU3STB5VEE0bk42Z1R3TEwyS0gxN1dxTkI4OUJXNk9Hd3NPSHpvNzBNZTlBMklRQUlEanFEZktjYnRrUlFBUklnbXRpbU1qQVAxQ0w3Y0NFRElQWVdWTEVmQnVtbTc5ei9IMGpFc2dxaDJRb0lZMVQ4YVRaSWRyTnh4dz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
345bf1e89765dfe63c693595c916efb95f80ecd1eea9609c700500b3cb3103af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5340
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:57 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=v8gkUnxGaUg4OE1Bd2kzelJvdVFNZ1pTdzdWMXhMYU1QVGQ3MXdoQmM4b1dnVUlUSzUvaCt4azcrK1FlYnRiVnVSZXhpTm5qNStwUEsycEIrdjExLzZBenluUTlpSUxoR1BDN2tudUM1b3poWE4rUWJ3S0NYUnJEVXdqa2grd3B3VEtNSU5TQ0ZRMUxzVitiRmhEY0tPWDdwSEpydUY2dHU3STB5VEE0bk42Z1R3TEwyS0gxN1dxTkI4OUJXNk9Hd3NPSHpvNzBNZTlBMklRQUlEanFEZktjYnRrUlFBUklnbXRpbU1qQVAxQ0w3Y0NFRElQWVdWTEVmQnVtbTc5ei9IMGpFc2dxaDJRb0lZMVQ4YVRaSWRyTnh4dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1736
content-length
541
expires
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7ED1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDxLJ2TMAKD7CjUZnINHU_vWCn24oz83C8v8mJPeONSMcb5GjdFlTrmq4lHI71-JPSCzamfmGqdjUmnM_DeuzqnGIafnpboj4tPboHZDWACnAciPA7uwErIKRiKUcw7JoZnICljsyYTLpgz-cUgcS8L2Rzmw&cry=1&dbm_d=AKAmf-B5fhIwVzI2TaXW1lUgznb6dIEYASU-QHpr5olzjsqxq2E7EP4tLUaCH0yd0iWAbxhN4W2e3iYNm-njTjstojPifOkrd1Thz8ku1moThME3Pd7jWvOOcmWz_H7UiK_VDUw4Ml6jnFk1IKrrFj9jdCuDZbBT-84j2QZtq6KxwaUx8L8_ih-P8HEd7bTPxH3k248g7HnxkqnyjrhFqo0KDJv25pb8ZYr4HM8slFDAUp3Quhb5yt2-MFvnHS7oX3sf9PoWuDdO0kpyU9aOh65He5Wo0ia5j1ZmZcmLhqVbFCgzx7rhrjrkTPZhyb1jHcv8U4VNRWTsy5bgHtHyDLsgTUOjmWuok4LYWiiSffoFTXr8OeArDXFqGsP8VC5-Wv1f7uLDPGyX_iq_jvQTU6cdqE5crB3kK_F5KnXJvhp5f-bct-up5XR3K-MLvgwJNx11ganuyLwHTO7oknDgjEW8pJK_d4I941ecZmvGzq0BYluCInRO9jiycIflq6WHnnaJ8jNV_0tvDynIM7hxFcUgPQFM4sW4y1z6pj3Z7ecOhAfeCijhoy9ld90hNS7FCnfbcdV1_28zwddWzEeTFBg6Wk9qV0IO66wi655NdH5pKa15olDJGR69RpZWHd0ORmMxkawNyIiow4Tn73CCsX0V94PuYK7LayI1H3mkrskSTSj1AEgmazNelE-2PJrW83Og8qX0OLuuTllyuzPTXnqkTo7WZTJeSKcVDq89FPFxIRkKJCFZPUHYhCQkwsrmxx04YvUTqtNEQkcaS3aMk95g6IS-CY96_nwPTtx8Rm-iGj-NhFkxeUZx9YTqN3vZhV2NAopw3TIjG0K03afTPTfYMyXIJKatsQv5qPIgdGwG3IZRFQxO0JYlAU61LF9GGCpfe6goxl-OglOeivUR-BcCGknigIeIaquAVKdM_nLpPCN8tmuRd6vSa2J_Ry8CxjEfBYnvuLZsSa2uJ_nWUWd49qUpbn4ede88D80VIgr-5IUAID-ZD8vy7ghXdw_KfOOUy-BfwTr3RxxsQvk8rv8ocrjnZlWgLw7R8UZ5BxWu6wDDICtnNGPA7A7JT76-teC1MOtm6qgbufI6N3buF6he54SGCMt1jysyCfN22KfJ5Do5TrJkYMjQ4gfG-MW1AUmlPgo_aCN1YZLhrBEsOleXHQTb4phpqhpPkIWUced9coxFuTZ6dy0FwZ620EOXO_EDxZU7LJRjKjqw77rp2zP2TWeSfB2YnASB3eUMGOIXzDAxf59rM5Nhu7e8IepIh532I2riDXHMyzZZb2qqlpiKgPrC6tg2V6f4WkAHLJcuRN3yLWEpGiU8RlXz5u84m3YWYJIaBhOZpwJl3f8-ZpX6SNAtgNDghSj4T4RTl0JLBj6MYgndDuQPuEAD5Dy0PGL1cMhPlI0lI_gIzApBE2G8oAgwTo0D3kXoEyFXWoFn_UE81FnJcl0yTX4QsXeLC7l7z81gFj-W_U6oYA_LQk7SSwBPFYLoikwStFS1X0Ed8MAT3BHeWLU7npNEstrVKQKJNvaTLPvKxQihjRqaV9R_A4sFkfOjukqG2oQNZU1PpG6Y1W2S6S6EQIaXtDHm_T1BZmXCSxPo1znlLgeEu-Xdo1Ze1iWY9WgrbqZJettVhxZN37qSuSMoYQmKfuwBUUV9IaoGHNq_ldCpw8wYUAb_SfX6O19-Qhmskbxos2cJh1c8pE7iRRkbROnz8AfKjsuGdZClBsZfEJPY2H4Bi20gE5MbTJCTqokA3hfjcCbQjM36Ng07d8iPjdkzw4ujYxSMy8Tg3L7p6W7XU4uVE7ooVCxXr90tnUwZ0BATKHxr2N30y6D6vC_hU8uADGziT-_AYSgVUHCelSbHQYbjf55-KLydGRqi9oqqXVIFfIoVCIB0TcXp_wSUdgorveSvjjY6WGbBiPLH6aO3hsBY911RJpEmZkqNQnQViSGc_osp7CdCDT7QSjY7AbdvKnUnTtnaVjAu8FFKeUhEhJc-JGQwncSf6Wr5A4Ta1GUi43cdiPY0QqV_W8nA-st4V30KxacEtq8Y3a0Xtq0ao9k9U4VBZ-VQ_4If2mpyGFEG_I62SK9BROriLcbPD-ldi0Q5TFTQSnEFmooV-_tcOYoBgDLKJwPd58C8hfljErIWC7io7HTQyq5DXGjQxe6YOBzadm53qKPU5pwT_zXuC1FT4GHn1egXdd2Ut18EGL8-A2fYBTvTrzZ6sbNWTHPTODDZL2NDHYrIw1eTNrOE3wWcd87OPgFLLVdqt2GOxgi1_EzD6KSwLUrZv6wLd8K8ckR2NQRzHZWq06uRJREaj0pO3QGWlOkYIfldGtAZcIxionH1S4fvcRKBPCY-xcpVBKwYtCPwk5GETYRm-BEVdeSHpHlM-HExvVRfVxYSXWmVurH7knVH7Krm10zrQlLaqIPQrgf6UJKNQ9EahirN086S-Wc3ZDtah06wWuOfO2Ou1tbrdtYeed4d7INjzuyqGefuV_glQUcac7iBiP0tbTOrHh3hpWHUigUcN4NQZs3cphV5MYkDtYm52qfNbC8k9ck3eI_AF1H403YxqBc1X8Opoy64oxgO7GTksVkdp7NVmaqI6DC_X41ryn5L4paJVlABOc9UFvr_-Hum9-EnI2ARxJpRe5XJoZ-uk0IV6AOd2tlwQNuuv39Fto01_PBJHRVlRwkHYhBKCx3zeC8lUZid8YN64ql-vuAhByoJvtBCHuAKg2mFvH2c26jZIdEECk_7tP3OK7-neRuLo7LFJ8L-eLZ-gMM1aLvF9SZDmW5TdoQf4bzzGMBgbdVJn8Cs9haXW9PhbUXUb_RD50Y1HuF9htdBXajovb62poW3XAR5YeF82k8-nNAQusKdECLAja4yY-ABgtIvLAp47DAFA84i29Osbz9SR9-IfjNWVrJFOKs4Mg618WLRkJ1k0pBtmgH7BHJUW1iMkz_H5GCqzL1H2BrT1kgpUmIimQoOSXSwp7FALWiuCSqZieFiAT7ZYovayb78PrSM_NcDoibnjQgRyeBI8lIlD1HydoDYR7-w1JkeElBSrHMvT2LEjIhOXZYdzyGVbVTbfY2FQjqvwm6ZK1bMVcYvPW-fL6ypQ_tJQoNEeLDNptwp9GbMxTN_cDUm4AwhPXFbzrbBNTamQzr-rkf1jo6rIGwXRrCFsc5REYj8tNJXlbF7_x_njNtusG1KgLD9hYUmqH9Ng0FNzjh_triw0XRZBPDNRQ&cid=CAASJORoeWYAjKhUUZw7qb8CWK_hDx4lFUrgDLNveJ8SA1p2_Hi24Q&rfl=1%2Chttps%253A%252F%252Fufile.io%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:07:23 GMT
rum
dsum-sec.casalemedia.com/ Frame 8211
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1&C=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73dca189997c909d-FRA
pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf01II75a238AS9mq6kK8DZSETzd%2BfulXwALzUKSBGrQzP26vE7GcMNcuiGgNY%2BiznHbrVgxnqzzy95tbBFgPhbdNIsmiHHzyvzLw0Hh0lz554TOs7YUiKWmdkYsChXdC4fTc%2FX0ghv06Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt6kbh9sEJIBcm8HWKow2SKJc43U1UxGnPPJwjRPEJNQXYAhCE1%2BSPljChEcU%2BBcq1AMZQfBN6Py%2B6TgCoUl%2Fxas4bq1o6oAgEdudUNHoVsTdfQSBXhE1M7D8LIWQqJZhqzrDvaRMpphsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEK6hGIf85v1TZDrQLS23AHw&google_cver=1&C=1
cache-control
no-cache
cf-ray
73dca1893802bbdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8211
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwEQ8iYmui07mbuQbd.WGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEP7g1giloALG_i1VsdZwQ&google_cver=1&google_hm=2
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEP7g1giloALG_i1VsdZwQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73dca18a6a1f909d-FRA
pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbJ%2F1CHm%2FVmZbNLwLoHjUnW1B2r%2FcoBNH5tnCScfOUNwJnm%2F1fxs1NZbi6RcdI5gcFzb5acfKjbFb6NhRnClOeMVEdJfq8ntS6y6QgtAxyiwIMNViVrXpJ95beqnUfn5SDCarZEr4N13nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEP7g1giloALG_i1VsdZwQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8211
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJuUmoJlmOW5nddUzkAcoos&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuUmoJlmOW5nddUzkAcoos&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:58 GMT
X-Proxy-Origin
217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0301af9d-526b-4199-8f6d-562f32a12bc1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuUmoJlmOW5nddUzkAcoos&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8211
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-5bqxQEwAQ&v=APEucNX3V-cfRDNiUNeKS8UikuujS2UDrcajK-zdc0Lry7MlcQjexYn_Is2HistZUUrebmb1M7DYAGlmPovek04tgdop08HTKEZkycim1lYPHp2Z_2FKLg6jp9yKoNcgO0rIoo7KSxOsI3MBTbL2IuZUlkC0Q5DA6CukkiWjiIFqNsfryK_JP4k
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:58 GMT
X-Proxy-Origin
217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bbaa881d-7bd9-4167-8433-795a7fe098b1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 366D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 14:07:24 GMT
expires
Thu, 17 Aug 2023 14:07:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC6D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:57 GMT
expires
Sun, 20 Aug 2023 16:50:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal107.js
cdn.doubleverify.com/ Frame 7ED1 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6403183&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hawluYPEjjmvG7d39TIT1n&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16702648460&DVP_DBM_4=414878587&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=568750341312&turl=https://ufile.io/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 16:50:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 14:27:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0f7cd18d7cd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18120
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 366D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/ Frame DBFE 		74 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8582576c9951be38ffe5b69068d0260b9c8edec20bb80a64a70c6336796abda
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
66145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18138
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 22:28:33 GMT
expires
Sat, 19 Aug 2023 22:28:33 GMT
last-modified
Mon, 29 Jun 2020 12:51:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame EC6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHsFf8RABY8qbLIuS9u8P7KCg0AHM0OjNafD2hKbTC5eKgOaNGBABILXo0oABYJWCgICgB6AB_4ew-QPIAQmpAgC2A1Ei17A-4AIAqAMByANIqgSJAk_Q8nc9cTvC4xyZYWaP0-8vNd5FRCocxCHY-QdLXBognRxGmtjIsLaPHNE_tzzliXt03u8uHjXkUDJIwDctoaw6C1dGTfCgynvuK_lNAAE-isDscLM4ov5LOtK6CJ6wU5y7J-y31_s1-gyKaNv1Cu-13sOjSmTT_PUdkUU67uvaZqczAOahJ1CitciF2D0ZHWS-PazMaefmPcMQrIOEFhmql7q79ALBah-e5uHs8G4U0fYGaKiTo92z7CzA2DWjkiUOUnradynJOQ8KwX_E5UB0GixekviL6B9ptrL2SSNTzIp2AXDAG-AmZVMbR1tZztPDS73LnYq5sQVS6QbCKI9ci61JDXLbrq7ABOCx5qiXAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfp988GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgYZB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODc4NzkyMzkzMDQ3ODYxOBiovHg&sigh=vgp7OM-Gx7o&uach_m=[UACH]&template_id=419
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame EC6D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:43:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:43:24 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DBFE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 21 Aug 2022 04:11:28 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DBFE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 21 Aug 2022 16:14:17 GMT
verify.js
rtb0.doubleverify.com/ Frame 7ED1 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_373888832747&jsTagObjCallback=__tagObject_callback_373888832747&num=6&ctx=1828362&cmp=177894&plc=6403183&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=373888832747&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=104&bridua=3&dup=null&turl=https://ufile.io/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hawluYPEjjmvG7d39TIT1n&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16702648460&DVP_DBM_4=414878587&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=568750341312&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauF7%3A%3D6%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauF7%3A%3D6%5D%3A%40Tar9EEADTbpTauTau5364_a6haa_d45e65%60c7hfb_f2%60_6%60hc%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.00&callbackName=__verify_callback_373888832747
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
840b86f398c3dcb013d15776fee7479c9a7f2fa728948b8d18a4fc60801d988a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:57 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Expires
08/19/2022 16:50:58
s
googleads.g.doubleclick.net/pagead/drt/ Frame BFC5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 16:11:16 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame EC6D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:37:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame EC6D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:35:14 GMT
l
www.google.com/ads/measurement/ Frame EC6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1N7mGDEJ9qvTOtXGXSNVUNrRRiWgI1J7au-rr06qxGIXs1kazIRkRh451We4yCpWhQqwGnc-b5CRdUs7DvSrX9ddGNQ
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC6D 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:50:58 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame DBFE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 17:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
85377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 17:08:01 GMT
728-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/ Frame DBFE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/728-1.png
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e940c384c48d52dd2aabafdf2168c5921129032d687bd54d777b587f35cf9598
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
305802
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10386
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 12:51:55 GMT
server
sffe
date
Wed, 17 Aug 2022 03:54:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Aug 2023 03:54:16 GMT
728-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/ Frame DBFE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/728-2.png
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f39e6327e758f12fbbb2aec14b1660dfb246a81ccf5fae5b37d6a521b7c22c86
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
495094
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9530
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 12:51:55 GMT
server
sffe
date
Sun, 14 Aug 2022 23:19:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 14 Aug 2023 23:19:24 GMT
728-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/ Frame DBFE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15396564916658282422/728-3.png
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d1df0a19d1a67d45d3d8215f5d194acb8f35d3107f39dda4e154cc272f3be36
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
495094
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8074
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 12:51:55 GMT
server
sffe
date
Sun, 14 Aug 2022 23:19:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 14 Aug 2023 23:19:24 GMT
truncated
/ Frame EC6D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd1bbb3035cd59fa863f2b7051cf0ba278d3731455d229bf8fcfc9e1cdfd4111

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
pd
google-bidout-d.openx.net/w/1.0/ Frame 4753 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 20 Aug 2022 16:50:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
si
googleads.g.doubleclick.net/pagead/drt/ Frame BFC5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:58 GMT
expires
Sat, 20 Aug 2022 16:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 366D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6_hy8RABY-nCOs_T-gbxr4rQDgAAAAA4AeAEAg&bg=!kpGlkdXNAAYUOm8VNDo7ACkAdvg8WuYjM7mzRcJ2eWcQ-kiDV_-yHcaxgzBYoTp4cBU4RsmBMppc0wIAAAC2UgAAAAJoAQeZAw3iHGtGRFT5X2EJ37sGsm3alhNwv_xUrjpXkT-4p6U4sranqFZgQangObVsJCHnvxU17rhjvttGaO7t6l4EnIc8tsXYVX-rPLy8OvrdkwkzaBDT8mmszCZ1_igOockzAL5QC1OvavHaHuU4LsH-dJwbUchR6J8U-5dYtPeXabMXkd4-_rcZ_-waoEpuxJgROPYDc3FN13tEDbDNKRY9sCsVJ45ybm1XJYAjYxVg38rwakGHvr7s3qOxdVLtPLc-KsybSdT-ZEHqFSANesonGOfuDMlFAozFCyRBlqtg64-H1clz3O-yTDxAFdOalZnQr6K4HYxxoZJYrJWxC61L5PJHbd2GdY97SwYZ5u4RnoiWtJo3e7s42vWQh4pi7nqatvVhNCRm0aORqJK0Gcsas_kRvx5qW7za1Oox0rsCnuidA6JRztTP2aAR9ptbY1NihIhj47kXGZR0MiArW3AyW7nZhCE-7qrumm9h1A45ro8jlal_duUEvM_WJRFefFxevaan8I5YGv0zmrGUtIXWUo4st5gGRjrDrNYo0dd_loaQN3yA2xlXKxHatuGi-iSNp4NdO3lkvpAHMa60-qwaSnIlch0_W7icHZhwdsH1hx-1FA1LmzkWdsSF91v45qDa3M17OOJUnsrO7ftQW_7VajbChquTkOFDBExPivz6lHMKaQSJpM9xYZCBER1xVTBwAvgkaX1H7vvhn0IwzXZwgQQvTYmQvvCE2_vCQUTJUUaYXyF6EWTjeu3UcuqKNkHpF-G-roS9z4W5KFzIEviaR8yxy_Hb5ua3x3THlgfSrQZEeI_q-ruR0ghEKGcbWkzXOYQmpu4EAcDauXhADrHZ88ICFWVryAta3GSduOcy7b01xcQzCEZrQ1MQx4aS0OIJzHsaIEHtskiIzM9rUzcqEdWLWcCUjb36PUHec7fkcsMxMWg0KDd7hUPbi0xv7ovkw7-ef75AwHzVzRxQypTKlAYFHQhladFvaMDGIv5lPzo9kAD1gnwpunvvq4pOTn7Tu5p9NQan9S6ioB2N40QJ
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:57 GMT
expires
Sun, 20 Aug 2023 16:50:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E5B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 36B0 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp758aa6Y02Shu1FBvCOgQI-cGTqvOOoPwjljyrQEHR2tZyeqYkn4cR-UWRrwqGpzNFYZsUKkHvsLJ_zgte_cCybN48RnT2UZTqKh7bk7icqIx4vmTZmJvfAcsJJ6Riq8_kumIJLSn_rLeHHzIKT2Q80RMpA&dbm_d=AKAmf-CBi5I7qFz0QmLafnd4bfgNItMWPd_yiA3MDGY6uMInxHDDRhDUtotczWLJwtEJapbF3pFSeyLG_OA2lmgvQrqaH8HqGEbc27Av5X_9zCmc_nBCgeqJBI_zfHruZ9bx0x5udHSnM_FSUxxfZylhIkVEmTWHzKoO2jSCCZ0IY9Y96gAChGI9fHRQ5rVoMha8j_Got02X4SRCYPx_fqrbfT-Nk3au9WO5gNnICjQz_lAfOwSXBOpmFDirMTEotici_4ruQJAGfj9F-gF_l6uRvRj2QFaXRlLRcYSDPX6X8Flpvgexwz-tXF0_tvIsE0JyH_0iQS0-eaNBI9jar52W1AIdEPF_BianvxeLhB4HRZjyORROox2LSs6hnYvJbPz1ZU930ZWTn4BoXdohgT0Rujkn5aTfyqk8NQa_4CrUnT2lZOJfYsFTNTO7uKskNpoNKY3tvwcYR9eGp_ashnjEwws8vLy3BNMnXKfMuFmUew69ya2_ET5R_AXpcviWb88pCJZ6XFMtLMt0h_W7wYZL02SFfNy0INbDP26gUomUdntam70hwv7nGAku0StCYURPvagJAJtk2Qr8AuSZB26v9u3hI2Ox4MRqLE2aZ208NLh5xlJ8_hfi9fJ6T8sKfe7Nq90Xq8aqYNy4Xvq9pOs0h8K8H9fDMFkr7jDHVY0Pr4_W05QSZtD76Qf-4serIxHo6rGqkYNKIDjlMPDVa0QNmCfr4EE5E0rngscvu-TyCLwvEbF5Bs7BcjeST8d9w11GS2VLDyCc6x7ZB-wZcLq4jt3LtOh8Mxdaa9unyd-hHlzq3CIdL3YFPuIaZrgfv4_abFAYQF1E_04Uca4YOq99tgc8_kTrzbMPKn1laWCf1aQdwhm2irst1sXtPLlJLPXlFBsYps0aCmeP3h9XU7Cmo3LyAbJ5qZv6N3D27v51G9b6bbxA-dxMr_iqt8zPzbL78QMfxhohoo62YqDFc2yANRs0gbEUe74_DldwUi50aSdO9VxYudN1qqDhUrlvRBLaO0nG-6rNPDD72hNwp-ywf7WSEcHuTob-icmFeOfN_8JmAL7eSJkp8yjy6jlygt4pNlYZNfwutWCiCySLGQOhR4YYcPn9J6STw2p-1U1J8eTpRDWXS4TzydBRli3t4yJVr48HMCtGmXaXJni8ysVsbK8JtHra1r1wW1f8dg4JnEoqiqUR7Ve5-vVICxrI6vY-bZ0r6TaPsiCOBv5oUrDH4OAZ3Nq2B-6FotgYQeGLbTcvgOku7SRDhhxgyIoqjqqfZZRWvceb4iLcD0Qbtkh1eD4-SJrrLzMNK6BzA_6-Ouq2fh7Db1_JvcZAfbP0QwxtPeSEe6pjl2qJ0KaDFWK3EofXtn7lgeB_RnrE16ai489t_Hkho2B9fMTujeEciCIpdJUC_ifhd_W0HC6wnN0xm5zOCGL389wrMSm2fC6fRFi69jQ5osFq6AXNX2BDhtR1nbY9iCV-IZlEHBclt_3eijnAzG5y-ZD6u3aY95zeoNtVT8Rq57Cog0b22mY6ef9y_-7M6MtEh5DRaOVbAPGE3iwUaRhsYCwgXYFhxxl-Gdhht6boMdK3v2fI2LMfz-c9N74wkecs2oiwqScrUQ6W_T5W9rFNV-eoafS9JTQGdcafvLURfHRQtCPiRDmQpa6P6qnimKdVaCyg1HLjyAOwW0kt4iOIVIL551M2xmF9D0K5GCAUu_y2ccrhAx3T5gq9JJLrvDJvf-nhXwtNw9v24gKJCHmYoGegfbpqnQhCqwL1UtJOA0kj1NiauloR2DXNr17jR8gySq8YVqcaiRw8ktfN4I6LM37exSHjkyl3-AFv9UipcPFxF2ttssB4CeuM7SOXGyLYT3rzWbABivdDFLEiz5WR_A_VfwxLJ5GwgeSIFrzwMQLej2npYTnYqCEDR5BYA4lDd4uJcL7TkVz0M_wTwiYWd1kgzqQlanL6zMz7H3f3G2W9leK04pmbCH2pcvSzrPewXMClH8VErXLK7XDJdAxldmtG-MNdl81hHT9GVxyaAVwInntOKKDLuU-2rg901ER8kdMBnTuTAY0fMslouItmwZHaACwByYXsv7GgcL57-GVbhVdMvQl3-hrOVreV7MoRTF59UPkeOCY03ZmQ5u6nA_jBXH4DtOJRAJw_FBzW0hzIrYRDnqIlRgurHGPvqxe6YLnl9IUafkzM5xwJu8Xe44TNEZ_S4heYLa_DlG26XUtvpSruTO897f4S6j6lbxVFu_lFYgatqVivplt1dbeIFsYSZWDHsfsCjgOkd7B_eQ21HHWTPsPP8zYCR7TjFljcyu-J0BZvQLzXoO3o3jVyldy67bGI68PkJYZatCGHv8ApdpBTktDTCs9qAtUCJz_kVdJNvdMEtRr4KiKfonI-WyRaJeasQj8_9840ptWGEWuEi4kxhiDPNzVkq446rK_KJXmksLYkEVhmBlm4S0fSNHIyFCOHgxnex6-3TasBVTqANMp7nTuo0nz5PoGlUxp1tIDtpkmPXqmer5ZKII1LURs2SPP0JDkUWpGBMcdUlkG3tBsHv8b-5n9OvdfoP42MHWWMRFYEZoMQvZ_HZ26fmoqoQYyaVDy1aBH4QFwDhCPpDI8aGqmiONDJZ2j4OZIeoVU7JE_8LluXykHdhxf99k-H2sH45uQBQm4xZN4Iw5XhDxtJpzNXrlm03sCoY4akBypfx1eKJSVOTdgBveVDGR40BVe_9Po5AeAyrzfgPjruVKXfphVXcZ5cxBEVXrq7FWpTRYwtOVbtX_I0PeiyWIqM07Mv3TAKYKcsqwyfT2JWs_Hogl03FhlRko8k4CyIHeoaBdfpv55KihYmSsRAdE43DAjgac4bGv-hSm_UFDfPFpNF-kaLlUFSnvF4nGChAAPm5-dxGFuPVPHar0JL11UHv4BcSRZ9FIC_XaL1dAp7NUUCvM1cyZThfwHePz4GBBYewW4C8LthW6VBPsJ0rpMFt9Tj2Oi8qmycGL2qfgTRMiWNm1HkRqaYpMu2GeNXf8YZK15T5XrUdkwd7T8lMCu30HC-snXq77HUXeYXWQKNTUIOX1uOO5IVqSh5DJJd542lMbiunQuBdan4SIv0hT4j_nldzTYDIiIPA3gJu2v24MkocW2a0wVN1_i5KlUStSCRNl_fkd8pL8JFpz8NoitvzUefHsxgJNLGMdmGfGqrUlQ2rmughntnR1ThBQ8h&cid=CAASJORoOnEMJ4Mo7mYtIcvaWAv3qQ7eb8jpdUPFGXBjkaYaztgkUg&rfl=1%2Chttps%253A%252F%252Fufile.io%252F%240
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79813e0038e4e20ce8b488c94ad783717445f1837efad105f3bd64de360e3a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35105
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36B0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWvtcUxLstLtveUM-XgZOTwtka1PaZHNPjFubUwA9JfEu2LzJM5fmesHoW7OHZY9lxdVaubPvYF8WW6TNW2FafJ-KjoVaEvOWlaUy2yg5_lJqu1WI
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 36B0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:37:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36B0 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:50:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 36B0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:35:14 GMT
l
www.google.com/ads/measurement/ Frame 36B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQR_Eg8NqEKlqgOGiYGF8odaLOwYvRwebBhYH_bOWdyyWYxy2ZbH_yQ7BUou_gdMva-eaR1WMMGHJLC9MjIzCkZqDhsQ
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 1E5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73dca18c2b7b909d-FRA
pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRpytJvDgkth2ThCqNptoI9ovRMzsqKBmct9dXU5UFmCZnfcosCe8Bvo4G7G%2BeE%2BYiTk4NQHXrJjeppuNSWSvWjU2O1vCndHuxnGhwuQRiFXx%2FZJh6tra375TgWLKslNLejeYUr1zpy20w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E5B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwEQ8iYmui07mbuQbd.WGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1&google_hm=2
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73dca18c5bb5909d-FRA
pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyEHaq0LeyxNQOhwIkBeTQzKCReVR%2BZr7mw%2BVdgNC55cmRSojiICPaFtLIJ2CunefRLt%2BMBi0kxwSExP4SfWPbXqUj91D6bXrHFFGJ1x0aUxK9aFYxf6pyzpzCzvLSg1AOCBofj2dkDu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLAFaZA6xmlyM-blXh8nC8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1E5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENtz1gebThTvnNUvi5JdvIw&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENtz1gebThTvnNUvi5JdvIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:58 GMT
X-Proxy-Origin
217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2239a45c-3ba6-4338-9693-392a3065a4f8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENtz1gebThTvnNUvi5JdvIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1E5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNUJtsWATyTruP8DehVLk1zMKKQXvjx1c4IVYvKX6EvOHFR_qNn3KUmLKE_5ZrDoPl5zVmD9TieJp5jYjmWW9Ofz4xmkKn6h4dwW4rUJXa9wk9KsWzVnLMCQBOIezvznKtuTSz36DPQ-RzrFa5YUIGZtLO4tPe37VqGhzfIp1Vn7xgYILgA
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:58 GMT
X-Proxy-Origin
217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ab49e507-6dc0-454f-b0e2-99bed9697d2d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyMTc4NzMzMjQ0MTk3MDkxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 36B0 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Origin
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 36B0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp758aa6Y02Shu1FBvCOgQI-cGTqvOOoPwjljyrQEHR2tZyeqYkn4cR-UWRrwqGpzNFYZsUKkHvsLJ_zgte_cCybN48RnT2UZTqKh7bk7icqIx4vmTZmJvfAcsJJ6Riq8_kumIJLSn_rLeHHzIKT2Q80RMpA&dbm_d=AKAmf-CBi5I7qFz0QmLafnd4bfgNItMWPd_yiA3MDGY6uMInxHDDRhDUtotczWLJwtEJapbF3pFSeyLG_OA2lmgvQrqaH8HqGEbc27Av5X_9zCmc_nBCgeqJBI_zfHruZ9bx0x5udHSnM_FSUxxfZylhIkVEmTWHzKoO2jSCCZ0IY9Y96gAChGI9fHRQ5rVoMha8j_Got02X4SRCYPx_fqrbfT-Nk3au9WO5gNnICjQz_lAfOwSXBOpmFDirMTEotici_4ruQJAGfj9F-gF_l6uRvRj2QFaXRlLRcYSDPX6X8Flpvgexwz-tXF0_tvIsE0JyH_0iQS0-eaNBI9jar52W1AIdEPF_BianvxeLhB4HRZjyORROox2LSs6hnYvJbPz1ZU930ZWTn4BoXdohgT0Rujkn5aTfyqk8NQa_4CrUnT2lZOJfYsFTNTO7uKskNpoNKY3tvwcYR9eGp_ashnjEwws8vLy3BNMnXKfMuFmUew69ya2_ET5R_AXpcviWb88pCJZ6XFMtLMt0h_W7wYZL02SFfNy0INbDP26gUomUdntam70hwv7nGAku0StCYURPvagJAJtk2Qr8AuSZB26v9u3hI2Ox4MRqLE2aZ208NLh5xlJ8_hfi9fJ6T8sKfe7Nq90Xq8aqYNy4Xvq9pOs0h8K8H9fDMFkr7jDHVY0Pr4_W05QSZtD76Qf-4serIxHo6rGqkYNKIDjlMPDVa0QNmCfr4EE5E0rngscvu-TyCLwvEbF5Bs7BcjeST8d9w11GS2VLDyCc6x7ZB-wZcLq4jt3LtOh8Mxdaa9unyd-hHlzq3CIdL3YFPuIaZrgfv4_abFAYQF1E_04Uca4YOq99tgc8_kTrzbMPKn1laWCf1aQdwhm2irst1sXtPLlJLPXlFBsYps0aCmeP3h9XU7Cmo3LyAbJ5qZv6N3D27v51G9b6bbxA-dxMr_iqt8zPzbL78QMfxhohoo62YqDFc2yANRs0gbEUe74_DldwUi50aSdO9VxYudN1qqDhUrlvRBLaO0nG-6rNPDD72hNwp-ywf7WSEcHuTob-icmFeOfN_8JmAL7eSJkp8yjy6jlygt4pNlYZNfwutWCiCySLGQOhR4YYcPn9J6STw2p-1U1J8eTpRDWXS4TzydBRli3t4yJVr48HMCtGmXaXJni8ysVsbK8JtHra1r1wW1f8dg4JnEoqiqUR7Ve5-vVICxrI6vY-bZ0r6TaPsiCOBv5oUrDH4OAZ3Nq2B-6FotgYQeGLbTcvgOku7SRDhhxgyIoqjqqfZZRWvceb4iLcD0Qbtkh1eD4-SJrrLzMNK6BzA_6-Ouq2fh7Db1_JvcZAfbP0QwxtPeSEe6pjl2qJ0KaDFWK3EofXtn7lgeB_RnrE16ai489t_Hkho2B9fMTujeEciCIpdJUC_ifhd_W0HC6wnN0xm5zOCGL389wrMSm2fC6fRFi69jQ5osFq6AXNX2BDhtR1nbY9iCV-IZlEHBclt_3eijnAzG5y-ZD6u3aY95zeoNtVT8Rq57Cog0b22mY6ef9y_-7M6MtEh5DRaOVbAPGE3iwUaRhsYCwgXYFhxxl-Gdhht6boMdK3v2fI2LMfz-c9N74wkecs2oiwqScrUQ6W_T5W9rFNV-eoafS9JTQGdcafvLURfHRQtCPiRDmQpa6P6qnimKdVaCyg1HLjyAOwW0kt4iOIVIL551M2xmF9D0K5GCAUu_y2ccrhAx3T5gq9JJLrvDJvf-nhXwtNw9v24gKJCHmYoGegfbpqnQhCqwL1UtJOA0kj1NiauloR2DXNr17jR8gySq8YVqcaiRw8ktfN4I6LM37exSHjkyl3-AFv9UipcPFxF2ttssB4CeuM7SOXGyLYT3rzWbABivdDFLEiz5WR_A_VfwxLJ5GwgeSIFrzwMQLej2npYTnYqCEDR5BYA4lDd4uJcL7TkVz0M_wTwiYWd1kgzqQlanL6zMz7H3f3G2W9leK04pmbCH2pcvSzrPewXMClH8VErXLK7XDJdAxldmtG-MNdl81hHT9GVxyaAVwInntOKKDLuU-2rg901ER8kdMBnTuTAY0fMslouItmwZHaACwByYXsv7GgcL57-GVbhVdMvQl3-hrOVreV7MoRTF59UPkeOCY03ZmQ5u6nA_jBXH4DtOJRAJw_FBzW0hzIrYRDnqIlRgurHGPvqxe6YLnl9IUafkzM5xwJu8Xe44TNEZ_S4heYLa_DlG26XUtvpSruTO897f4S6j6lbxVFu_lFYgatqVivplt1dbeIFsYSZWDHsfsCjgOkd7B_eQ21HHWTPsPP8zYCR7TjFljcyu-J0BZvQLzXoO3o3jVyldy67bGI68PkJYZatCGHv8ApdpBTktDTCs9qAtUCJz_kVdJNvdMEtRr4KiKfonI-WyRaJeasQj8_9840ptWGEWuEi4kxhiDPNzVkq446rK_KJXmksLYkEVhmBlm4S0fSNHIyFCOHgxnex6-3TasBVTqANMp7nTuo0nz5PoGlUxp1tIDtpkmPXqmer5ZKII1LURs2SPP0JDkUWpGBMcdUlkG3tBsHv8b-5n9OvdfoP42MHWWMRFYEZoMQvZ_HZ26fmoqoQYyaVDy1aBH4QFwDhCPpDI8aGqmiONDJZ2j4OZIeoVU7JE_8LluXykHdhxf99k-H2sH45uQBQm4xZN4Iw5XhDxtJpzNXrlm03sCoY4akBypfx1eKJSVOTdgBveVDGR40BVe_9Po5AeAyrzfgPjruVKXfphVXcZ5cxBEVXrq7FWpTRYwtOVbtX_I0PeiyWIqM07Mv3TAKYKcsqwyfT2JWs_Hogl03FhlRko8k4CyIHeoaBdfpv55KihYmSsRAdE43DAjgac4bGv-hSm_UFDfPFpNF-kaLlUFSnvF4nGChAAPm5-dxGFuPVPHar0JL11UHv4BcSRZ9FIC_XaL1dAp7NUUCvM1cyZThfwHePz4GBBYewW4C8LthW6VBPsJ0rpMFt9Tj2Oi8qmycGL2qfgTRMiWNm1HkRqaYpMu2GeNXf8YZK15T5XrUdkwd7T8lMCu30HC-snXq77HUXeYXWQKNTUIOX1uOO5IVqSh5DJJd542lMbiunQuBdan4SIv0hT4j_nldzTYDIiIPA3gJu2v24MkocW2a0wVN1_i5KlUStSCRNl_fkd8pL8JFpz8NoitvzUefHsxgJNLGMdmGfGqrUlQ2rmughntnR1ThBQ8h&cid=CAASJORoOnEMJ4Mo7mYtIcvaWAv3qQ7eb8jpdUPFGXBjkaYaztgkUg&rfl=1%2Chttps%253A%252F%252Fufile.io%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:26:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 36B0 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp758aa6Y02Shu1FBvCOgQI-cGTqvOOoPwjljyrQEHR2tZyeqYkn4cR-UWRrwqGpzNFYZsUKkHvsLJ_zgte_cCybN48RnT2UZTqKh7bk7icqIx4vmTZmJvfAcsJJ6Riq8_kumIJLSn_rLeHHzIKT2Q80RMpA&dbm_d=AKAmf-CBi5I7qFz0QmLafnd4bfgNItMWPd_yiA3MDGY6uMInxHDDRhDUtotczWLJwtEJapbF3pFSeyLG_OA2lmgvQrqaH8HqGEbc27Av5X_9zCmc_nBCgeqJBI_zfHruZ9bx0x5udHSnM_FSUxxfZylhIkVEmTWHzKoO2jSCCZ0IY9Y96gAChGI9fHRQ5rVoMha8j_Got02X4SRCYPx_fqrbfT-Nk3au9WO5gNnICjQz_lAfOwSXBOpmFDirMTEotici_4ruQJAGfj9F-gF_l6uRvRj2QFaXRlLRcYSDPX6X8Flpvgexwz-tXF0_tvIsE0JyH_0iQS0-eaNBI9jar52W1AIdEPF_BianvxeLhB4HRZjyORROox2LSs6hnYvJbPz1ZU930ZWTn4BoXdohgT0Rujkn5aTfyqk8NQa_4CrUnT2lZOJfYsFTNTO7uKskNpoNKY3tvwcYR9eGp_ashnjEwws8vLy3BNMnXKfMuFmUew69ya2_ET5R_AXpcviWb88pCJZ6XFMtLMt0h_W7wYZL02SFfNy0INbDP26gUomUdntam70hwv7nGAku0StCYURPvagJAJtk2Qr8AuSZB26v9u3hI2Ox4MRqLE2aZ208NLh5xlJ8_hfi9fJ6T8sKfe7Nq90Xq8aqYNy4Xvq9pOs0h8K8H9fDMFkr7jDHVY0Pr4_W05QSZtD76Qf-4serIxHo6rGqkYNKIDjlMPDVa0QNmCfr4EE5E0rngscvu-TyCLwvEbF5Bs7BcjeST8d9w11GS2VLDyCc6x7ZB-wZcLq4jt3LtOh8Mxdaa9unyd-hHlzq3CIdL3YFPuIaZrgfv4_abFAYQF1E_04Uca4YOq99tgc8_kTrzbMPKn1laWCf1aQdwhm2irst1sXtPLlJLPXlFBsYps0aCmeP3h9XU7Cmo3LyAbJ5qZv6N3D27v51G9b6bbxA-dxMr_iqt8zPzbL78QMfxhohoo62YqDFc2yANRs0gbEUe74_DldwUi50aSdO9VxYudN1qqDhUrlvRBLaO0nG-6rNPDD72hNwp-ywf7WSEcHuTob-icmFeOfN_8JmAL7eSJkp8yjy6jlygt4pNlYZNfwutWCiCySLGQOhR4YYcPn9J6STw2p-1U1J8eTpRDWXS4TzydBRli3t4yJVr48HMCtGmXaXJni8ysVsbK8JtHra1r1wW1f8dg4JnEoqiqUR7Ve5-vVICxrI6vY-bZ0r6TaPsiCOBv5oUrDH4OAZ3Nq2B-6FotgYQeGLbTcvgOku7SRDhhxgyIoqjqqfZZRWvceb4iLcD0Qbtkh1eD4-SJrrLzMNK6BzA_6-Ouq2fh7Db1_JvcZAfbP0QwxtPeSEe6pjl2qJ0KaDFWK3EofXtn7lgeB_RnrE16ai489t_Hkho2B9fMTujeEciCIpdJUC_ifhd_W0HC6wnN0xm5zOCGL389wrMSm2fC6fRFi69jQ5osFq6AXNX2BDhtR1nbY9iCV-IZlEHBclt_3eijnAzG5y-ZD6u3aY95zeoNtVT8Rq57Cog0b22mY6ef9y_-7M6MtEh5DRaOVbAPGE3iwUaRhsYCwgXYFhxxl-Gdhht6boMdK3v2fI2LMfz-c9N74wkecs2oiwqScrUQ6W_T5W9rFNV-eoafS9JTQGdcafvLURfHRQtCPiRDmQpa6P6qnimKdVaCyg1HLjyAOwW0kt4iOIVIL551M2xmF9D0K5GCAUu_y2ccrhAx3T5gq9JJLrvDJvf-nhXwtNw9v24gKJCHmYoGegfbpqnQhCqwL1UtJOA0kj1NiauloR2DXNr17jR8gySq8YVqcaiRw8ktfN4I6LM37exSHjkyl3-AFv9UipcPFxF2ttssB4CeuM7SOXGyLYT3rzWbABivdDFLEiz5WR_A_VfwxLJ5GwgeSIFrzwMQLej2npYTnYqCEDR5BYA4lDd4uJcL7TkVz0M_wTwiYWd1kgzqQlanL6zMz7H3f3G2W9leK04pmbCH2pcvSzrPewXMClH8VErXLK7XDJdAxldmtG-MNdl81hHT9GVxyaAVwInntOKKDLuU-2rg901ER8kdMBnTuTAY0fMslouItmwZHaACwByYXsv7GgcL57-GVbhVdMvQl3-hrOVreV7MoRTF59UPkeOCY03ZmQ5u6nA_jBXH4DtOJRAJw_FBzW0hzIrYRDnqIlRgurHGPvqxe6YLnl9IUafkzM5xwJu8Xe44TNEZ_S4heYLa_DlG26XUtvpSruTO897f4S6j6lbxVFu_lFYgatqVivplt1dbeIFsYSZWDHsfsCjgOkd7B_eQ21HHWTPsPP8zYCR7TjFljcyu-J0BZvQLzXoO3o3jVyldy67bGI68PkJYZatCGHv8ApdpBTktDTCs9qAtUCJz_kVdJNvdMEtRr4KiKfonI-WyRaJeasQj8_9840ptWGEWuEi4kxhiDPNzVkq446rK_KJXmksLYkEVhmBlm4S0fSNHIyFCOHgxnex6-3TasBVTqANMp7nTuo0nz5PoGlUxp1tIDtpkmPXqmer5ZKII1LURs2SPP0JDkUWpGBMcdUlkG3tBsHv8b-5n9OvdfoP42MHWWMRFYEZoMQvZ_HZ26fmoqoQYyaVDy1aBH4QFwDhCPpDI8aGqmiONDJZ2j4OZIeoVU7JE_8LluXykHdhxf99k-H2sH45uQBQm4xZN4Iw5XhDxtJpzNXrlm03sCoY4akBypfx1eKJSVOTdgBveVDGR40BVe_9Po5AeAyrzfgPjruVKXfphVXcZ5cxBEVXrq7FWpTRYwtOVbtX_I0PeiyWIqM07Mv3TAKYKcsqwyfT2JWs_Hogl03FhlRko8k4CyIHeoaBdfpv55KihYmSsRAdE43DAjgac4bGv-hSm_UFDfPFpNF-kaLlUFSnvF4nGChAAPm5-dxGFuPVPHar0JL11UHv4BcSRZ9FIC_XaL1dAp7NUUCvM1cyZThfwHePz4GBBYewW4C8LthW6VBPsJ0rpMFt9Tj2Oi8qmycGL2qfgTRMiWNm1HkRqaYpMu2GeNXf8YZK15T5XrUdkwd7T8lMCu30HC-snXq77HUXeYXWQKNTUIOX1uOO5IVqSh5DJJd542lMbiunQuBdan4SIv0hT4j_nldzTYDIiIPA3gJu2v24MkocW2a0wVN1_i5KlUStSCRNl_fkd8pL8JFpz8NoitvzUefHsxgJNLGMdmGfGqrUlQ2rmughntnR1ThBQ8h&cid=CAASJORoOnEMJ4Mo7mYtIcvaWAv3qQ7eb8jpdUPFGXBjkaYaztgkUg&rfl=1%2Chttps%253A%252F%252Fufile.io%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:45:59 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 7ED1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 20 Aug 2022 17:29:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 36B0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:07:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D976 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 36B0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f18951654678c81547a5ebc19eb0d4cede3b2b2d7bf98b5d046130ac6c0cab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
impl_v90.js
www.googletagservices.com/dcm/ Frame 7ED1 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 16:29:42 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4CD2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 14:07:24 GMT
expires
Thu, 17 Aug 2023 14:07:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame D976 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D976
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1&google_push=AehlK4CE1eQyf0HlTU3dDsMoy48OWh6lwRr6yXT3biV5cBm61R1LaPf-ulsZYhKx76AU_LBH_GWQmHZ5-votAwgJfWlTdi_25_w
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5NTU3NDA2MjczMjU5MDI5NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJm76HxCahv9drqIYq6wzfc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D976
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdFUThnQUFBTEAwZHkyQA&google_push=AehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y0766N042wHXwXtj_EIyQ5TueOvhHCyekQD0JAL5ozYO0LKWJNvwkwA9cG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdFUThnQUFBTEAwZHkyQA&google_push=AehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y0766N042wHXwXtj_EIyQ5TueOvhHCyekQD0JAL5ozYO0LKWJNvwkwA9cG
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdFUThnQUFBTEAwZHkyQA&google_push=AehlK4DWh9fGVilhuUQDapeCdI8mPeDjeADf5sG9t1y0766N042wHXwXtj_EIyQ5TueOvhHCyekQD0JAL5ozYO0LKWJNvwkwA9cG
Date
Sat, 20 Aug 2022 16:50:58 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame D976
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPwjGXsC54f2eiJ2bAVRc6U&google_cver=1&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNt...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPwjGXsC54f2eiJ2bAVRc6U&google_cver=1&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2Nn...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=0f81952d-33ce-4a9e-b4a2-da8a226846b4&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2&google_hm=gROfcO2tQOeG9qlBbQyZTA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2&google_hm=gROfcO2tQOeG9qlBbQyZTA==
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DDld3qHRocZvpP05cd-MtJsmu2h7LljJNddXRjho_unjeQW5HMsVcV00IvbWKfivS7JbiAkvSDUqv2NnVPimNtTpSce5s2&google_hm=gROfcO2tQOeG9qlBbQyZTA==
Date
Sat, 20 Aug 2022 16:50:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D976
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6juFoDD3jfr8QdnWKaSvY&google_cver=1&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0-w5Y3&google_hm=NzI2NjczOTQ1MjgwNTI0Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0-w5Y3&google_hm=NzI2NjczOTQ1MjgwNTI0Njc0NA%3D%3D
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Aug 2022 16:50:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DlJmp39IwBkj8Yqf3bCXwym1uZKTe-x6EU-cwWG_55QitKP0QlOFFP_h5z3PgikBk9PsfinVqaxu7kSRRhV87I8P0-w5Y3&google_hm=NzI2NjczOTQ1MjgwNTI0Njc0NA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame D976 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHXjXZJZ46AbYY3jdSkyyEc&google_cver=1&google_push=AehlK4DZs5vw-CglX1R7yEBDy8ygQzNVCfrdtr8ws-RrrWrBU8Gq5X-NJo3BiW1MQ2BGokbiXTBbAGAvKG7kXnhM1vi_3Jf5_6s
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7q1t387aa34fmoubvon5942aorolfdej
pixel
cm.g.doubleclick.net/ Frame D976
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGdFe2LTfT-Y5HQ7uyay6z0&google_cver=1&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-Vd...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGdFe2LTfT-Y5HQ7uyay6z0&google_cver=1&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-Vd...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tamEyS1JwRTJ1RVRoSHFqRlI2S2g5NjBQLmxrM09nUH5B&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tamEyS1JwRTJ1RVRoSHFqRlI2S2g5NjBQLmxrM09nUH5B&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-VdmO3OolVpgBCq9EnP8ZUhbUACEPFA
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tamEyS1JwRTJ1RVRoSHFqRlI2S2g5NjBQLmxrM09nUH5B&google_push=AehlK4BRpvu_q_ZPdVxMRDdvgFyy8z7TOdFFyQkgx_KFqU8ygeN-YDHR-XHP_CD7ih5PyuG-VdmO3OolVpgBCq9EnP8ZUhbUACEPFA
date
Sat, 20 Aug 2022 16:50:58 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame D976 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj6q01TVCXumcr3zpIobf1SZnyr14DSTJxKwh3wNmYpZ4IEU-zRE7vkMz-Qe5p4TwzpBB-rQ
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=250412649;ord=fat73e;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fufile.io%2F$0;xdt=...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 7ED1 		49 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=250412649;ord=fat73e;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fufile.io%2F$0;xdt=1;crlt=awOO-P6z1I;stc=1;chaa=1;sttr=31;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
7c70d05d3be4b2b893441d3f5c1e046da0b44b10b5f4319529177bfd83ff3489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24370
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 4CD2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
728x090.html
s0.2mdn.net/sadbundle/1132308612429905920/ Frame C9E6 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aaa8cf1bbdb357b02e2a5ad848ada5743e73e3be3a98dc8d62eb4c6c5ee955d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 16:50:58 GMT
expires
Sun, 20 Aug 2023 16:50:58 GMT
last-modified
Fri, 22 Apr 2022 08:43:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 36B0 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstj3dzZbidfwXgZcUjAUywG4VHvhWTCn6xlSjtYy_JIt4LBRmZQdjBJWDAsL0fsCmRrzGPW6ZYhMtdk1D_xmBztv45oEgqKXWoAY6wlAz3ND_XzQIcv6bzOb39v7UIoGdP9feYj87MY7XZ_dCxnQ3EzsM6YGuz6HJyWsRWjVwnjLtTwWhyYyC4bLCVIT82UV7DG9nYEwS50PfDWrfZ_YB1UW1D6sjzMqeJC-4WhEx32E_eOSwpnoLzAU7x99O6Vp1FJ3N89bKVSXXvg8GVJZJtiyJTgqkJldnGBA0cxfmn1yEWG4RlGSQ9nee_bEjkFZaCtEGQUQgCo7HDDrTO1w1HKNxTyhin_1TLnuGno7-kRUW9_ExCjs-A1XyStXDdV6EvX6rav5_lLTB4aglPuC1pLj4ZABwnN0ZJ2BX8cjMaCkDr0q8I-EManpBToLyYZf_DaF0Ka7ObhdS0TokdYoNLz6M1rwu9r_rOWpPJCViubPPO0lhGNt9DXGpi5A4JysaaR0sD-U-nz9vmMWYhwesdLBxP6IuaV-opi9edm-lCQIrk27ojYPcHFBsQx6v7fkny9fzhpeyxC_UVIfZ6ncDgEZQwv-UNulANkXKLsxTpiHqsJhymBaWW-8bhbrUBI99DzzEnLfaye-91AxedmRrLIRa5NeT08Mk7hc505mWtzIzwyKQr5xMExuforjUTMn3VGRq_3g_V45JVcdg4cx90w2L4J7pnxhdCXCPxw0KpUxBmk_A6oh47OAwfc-GMDXiJc8ZnbCZhxfLzzblFzlczas64IylXmzqZpmP_EaZtMSUhIXSosZVEIlCtMz2hgBARuuNC8TTOERcJUa7Cpq50pBvoAjBSJxhedt77yilt4jFguTtXpcvqK2ACQVcly0UupfphUJm4pYrIIooZ6oI4oY2G8AIJYm6Hy3JuG_FTVbQind29YLNGnk1Hvm3L_4vo192ZGxOizYsSloBHXtS11IhwbS3T_td-XaYMljU2ZUouoXRcInh7EmR9g-mvkFDsO9GSaA-lAcqpcRrx1KH9dX84hUahcdM3e2SjFE0NcJjvKdHtNK3yGWW01mB9zUOR56YWS00ydpnTYMWVtRLW-oy2WfnGCj03TX86B4N9hh0lkyjNvae66X0VmZCME0AQe25fFEz7Prvjo6crFXQ51ScpzEYfR3LR5e1Bh63Pn7GSt4bxFsse-35H22s_3-pdAoR3GOa59Ww2i-yv9NPOomtEf3kE8yHAw-VC4RaLPToG_-D8EjiDx&sai=AMfl-YQdKaUQNiRoZytbl-TlG_bKrLrXUyGCLmZN3hPhCJuO9xQmtPRDgWqe_tEtnhxxTIWZQ5qSnvVjZq2s0pLVQE-aXgi9S8y8fES0mWYGdHTo_y31KBY4W__HdDmPOHq3FTFoVTZVIHPSLf4oHH67RAPgRMV_jr3lR9RAG6lgJ_HEwQ25crNpYiYdumxZwZP2WTDk6hDOez3gkPhUEltt6A&sig=Cg0ArKJSzGHdeQxyjhnTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=140&cisv=r20220817.09185&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 20 Aug 2022 16:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 7ED1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=250412649;ord=fat73e;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fufile.io%2F$0;xdt=1;crlt=awOO-P6z1I;stc=1;chaa=1;sttr=31;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 16:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7ED1 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrPiqVR_l13Lg_uHSjDkigAwY9WOCspE8djZFLM_ybtB0746_C11Jh8Rkx_oV4dgEH459E0a61TOPRK1AQEQeJnJ22j39A2Ip4qvNjXsmWgImzkqQCNvodzYY7Q30P2M21UpO__nRTz_YpkY46N9ZU4A&sig=Cg0ArKJSzBM5vcwW36eqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220817.26268&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=250412649;ord=fat73e;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fufile.io%2F$0;xdt=1;crlt=awOO-P6z1I;stc=1;chaa=1;sttr=31;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
2692147425811226566
s0.2mdn.net/simgad/ Frame 7ED1 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2692147425811226566?sqp=-oaymwENCNgFEFogAUhkUAFYAQ&rs=AOga4qmO8JbcaYUzEg4o03RwoaO-jqaeXw
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735fe25c0a387a7acbfb3dbe51ee6e4c2c3be4dcc9d9d11f3a0f9dc5c5f3bc96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 13:17:38 GMT
x-content-type-options
nosniff
age
444800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91708
x-xss-protection
0
last-modified
Mon, 16 May 2022 16:38:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Aug 2023 13:17:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BD24 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 14:07:24 GMT
expires
Thu, 17 Aug 2023 14:07:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements2960.js
cdn.doubleverify.com/ Frame A02D 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2960.js
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 16:50:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 10:10:38 GMT
Server
Microsoft-IIS/10.0
ETag
"0e3fcf045aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107745
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6E04 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7ED1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b78c656233a707aa5d67729d8a17e7205b42e874388f056eba96773ceb74910

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_248.js
s0.2mdn.net/879366/ Frame C9E6 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 09:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 09:21:15 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C9E6 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 16:50:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7ED1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrPiqVR_l13Lg_uHSjDkigAwY9WOCspE8djZFLM_ybtB0746_C11Jh8Rkx_oV4dgEH459E0a61TOPRK1AQEQeJnJ22j39A2Ip4qvNjXsmWgImzkqQCNvodzYY7Q30P2M21UpO__nRTz_YpkY46N9ZU4A&sig=Cg0ArKJSzBM5vcwW36eqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=73&vt=11&dtpt=72&dett=2&cstd=0&cisv=r20220817.26268&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=250412649;ord=fat73e;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fufile.io%2F$0;xdt=1;crlt=awOO-P6z1I;stc=1;chaa=1;sttr=31;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CD2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE9ZR8hABY8mqHLXK7_UP5ZmJmAMAAAAAOAHgBAI&bg=!lpWlldHNAAYUOm8VNDo7ACkAdvg8WhgieBwNTShobMHnjkzRYImhKrOUnjXr0lJb-fL2-TwmKj8vjQIAAABZUgAAAAJoAQcKAAOOd2yZAxly3u1JB9HlOAPdpZ_qteBEWF9aig-XV2LT3yWaNRIoYLutI7F2Lb9smwoJkWEDF4PQDgPzyHf4j7eKu0goOPNaxaEBdzsxrGODLz8qPu72RmzQ6Ls8MA70fi5RrdyzH8Xp-JxNu33GI-pTbl2f9RjVBjYnw0zQnTzGrkJt09Te895HGuuU1aMqA6iF1QADTe-kQK5elyallw5Brhw0v7wXX9mJWkM-PPH7dsl8gNuZtx5-6dP3_Li_Lat1qdrrv3WgY7mv0ysOuwN-AkPpBh_17u7mq_mRCt4RLzT-4SVZuEyI67ufbFS13jEI4mNT3YN2Ofn4_mt2lTgBkKcpQoYVKAoSSQD-g9zvsnH_0J-VCwQJG-VzQiXYmCnSb6tno6eSXTPDsJgx17MoMFHoe10Wyt1zaAUPQ0Hy4wr7drhBIDh94ygZxgZR6IiTttj0iec-9PklHmQc2M46UDneP3IHiP1n6-Sx2rhetMaX5A_56WuBd4kzUv45bp_b0E7FVgHgNI-QlX8mkQpM7l2GyjUSRLTsniPuQA7fHoiVGSYf9dFGjb6CG835Cmd-i_kLW3nuLXMg03T-37d0y9vcxmtoYF7FDJyNjCsbLgHYGkmBxX7608AcOTSLRiis7nLz7HQW7TMxHw7Dey1vZLMDm-YBSRfslq06BXw--baYYEcACVtyhpn-epHl1am_AX52AEVKKsrgWY6wHAs4UBva-HcrMWiW8AvExtrY5q1ZjUqhF0ZpoLb4xqq6iIbI2pncIl-ULsjkeU2djWm6hejh1SPHVLRA8RydO-HTfkxYxXLv_O1YbNM0QMhuTwemX0o-GOQogO-s9DDuOXHtxEdwYD6bS9zE2Lux57LswqVfTsScT1t7hPRDgSq-bBUMhnIXgz1v9t0YmtOjpjL0onlGpymePIHUpyzS4XmN40HR0rMkPMYQIdcw7FcyeKX1rJMT4VUOALndje-y96wcJZsdu0EmzG8HbWgiquABu3LGJ66vK211N_ZQN5JtQ87VT0ipBmK824fBaA9JdFUD3CzbwN3N8QSRR7gJ08-7
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame BD24 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 17:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
85377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 17:08:01 GMT
i.match
s.tribalfusion.com/z/ Frame 6E04
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73dca18faa649a03-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
993
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73dca18e68d39a03-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE9G9LLyOXJ9K4gNLaoS1SE&google_cver=1&google_push=AehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ApPIH9VE7MIyqbFxkG9fg50rD4nrdMk0_hkpyVT6eH5FAWA4zupttCJBhGx_ElW9KOhFKsWix2PRbquPVZE1-zf-dG9yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6E04
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJiXHDLTJ8uxYh8xBPK7z4o&google_cver=1&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2oJ3LPAXT-uqQQrsUGCtzw2&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0GW93CuNPqW7v
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2oJ3LPAXT-uqQQrsUGCtzw2&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0GW93CuNPqW7v
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Aug 2022 16:50:58 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2oJ3LPAXT-uqQQrsUGCtzw2&google_push=AehlK4Cjh_8fN1Rjf49laEnlRjqyE20CIREE99nwi9I23g7TAcyVC5W2-KknUGSrlJNGzX42cysF70X6PpZ_DZ_0GW93CuNPqW7v
x-host
tde-deliveryengine-production-9ffc95d-vt7bm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6E04
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyOLnhgMfH63s_SSvfyhdw&google_cver=1&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyN...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyNTAyMUstWS1NOVBG&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyNOtw8DERlRfB_ov-64HXR89GPn
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyNTAyMUstWS1NOVBG&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyNOtw8DERlRfB_ov-64HXR89GPn
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyNTAyMUstWS1NOVBG&google_push=AehlK4BOkEbDbYfB3MtWnfxcwy4H-XAjZauF8N2Rt7hcBQ8IhKJU3DqaysPoT7KbjjQ9IB2MRyNOtw8DERlRfB_ov-64HXR89GPn
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6E04
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_hm=YwEQ8iYmui07mbuQbd-WGQAABKgAAAIB&google_nid=index&google_push=AehlK4BZke7ssg0egU1L-ALizyvMeDtDexAPv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_hm=YwEQ8iYmui07mbuQbd-WGQAABKgAAAIB&google_nid=index&google_push=AehlK4BZke7ssg0egU1L-ALizyvMeDtDexAPv4js8q9BAJinTYbNDCKh1goEr55vkOjmwXpDK8GWjbZXXeKHP8Xcer56IIpkMya8
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxt57e0yTnfCdsCEnd1FwAKom2OeLdJBjBbgRj51Z28SeN89n9i6xYbOFKRxfB11TVi31YbDQ%2BnSBcKxidNQTpR1Q4MbnyW9km0lIE7Y5vGy3im%2FqAR8LGP80fPqVxVpEAnzsYcUvJEpJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqd5fAy9RmOvZKRxHNEFYY&google_hm=YwEQ8iYmui07mbuQbd-WGQAABKgAAAIB&google_nid=index&google_push=AehlK4BZke7ssg0egU1L-ALizyvMeDtDexAPv4js8q9BAJinTYbNDCKh1goEr55vkOjmwXpDK8GWjbZXXeKHP8Xcer56IIpkMya8
cache-control
no-cache
cf-ray
73dca18e593568eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6E04
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-9778ccf7-b699-4c16-ab44-3dc6038454ba-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CxPD_ZK2QiJG8MwNdjH...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&google_hm=A5d4zPe2mUwWq0Q9xgOEVLo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&google_hm=A5d4zPe2mUwWq0Q9xgOEVLo
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CxPD_ZK2QiJG8MwNdjHLfnBikjSXQHJGjlzTseMseMehxbYHajpMB3PEpvYI91K_0kjV2jJfIsBQ0Wzafj80wtRCYmaiOV&google_hm=A5d4zPe2mUwWq0Q9xgOEVLo
date
Sat, 20 Aug 2022 16:50:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9778ccf7b6994c16ab443dc6038454ba003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6E04
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJTxFetDZAV83zkMpfGMF1c&google_cver=1&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4NjEzMzA5NTg4NzE0MzA2MTI2Ng%3D%3D&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4NjEzMzA5NTg4NzE0MzA2MTI2Ng%3D%3D&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4NjEzMzA5NTg4NzE0MzA2MTI2Ng%3D%3D&google_push=AehlK4CcZ-QdqwM0nC9ju_dd-RHDErEf50ZO3jd7-G7TVG41i2sXtxXBmHCAaFszsL9MPq418Yu9AsX4JesipckQVMjn-yX3JG-Z
date
Sat, 20 Aug 2022 16:50:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 6E04 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEL-uWrgWR8aoAbiQ1c_25j8&google_cver=1&google_push=AehlK4CwX2XUjwd5wL2crCZweLtVDraNwSXgp6Zu9NZnwVyWoJz3YsVDgOi0PSeuSR2H-wacw35y6JBUjn9E71WUwVpSroEf327ehQ
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 16:50:58 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6E04 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWw6HpZppwBbT1AY0Fa8CIOqfbkLeUn0C3m-uKVg5h-OCdoM9f5HE5Ly3FL1r5brkq7PkZ5A
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 36B0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstj3dzZbidfwXgZcUjAUywG4VHvhWTCn6xlSjtYy_JIt4LBRmZQdjBJWDAsL0fsCmRrzGPW6ZYhMtdk1D_xmBztv45oEgqKXWoAY6wlAz3ND_XzQIcv6bzOb39v7UIoGdP9feYj87MY7XZ_dCxnQ3EzsM6YGuz6HJyWsRWjVwnjLtTwWhyYyC4bLCVIT82UV7DG9nYEwS50PfDWrfZ_YB1UW1D6sjzMqeJC-4WhEx32E_eOSwpnoLzAU7x99O6Vp1FJ3N89bKVSXXvg8GVJZJtiyJTgqkJldnGBA0cxfmn1yEWG4RlGSQ9nee_bEjkFZaCtEGQUQgCo7HDDrTO1w1HKNxTyhin_1TLnuGno7-kRUW9_ExCjs-A1XyStXDdV6EvX6rav5_lLTB4aglPuC1pLj4ZABwnN0ZJ2BX8cjMaCkDr0q8I-EManpBToLyYZf_DaF0Ka7ObhdS0TokdYoNLz6M1rwu9r_rOWpPJCViubPPO0lhGNt9DXGpi5A4JysaaR0sD-U-nz9vmMWYhwesdLBxP6IuaV-opi9edm-lCQIrk27ojYPcHFBsQx6v7fkny9fzhpeyxC_UVIfZ6ncDgEZQwv-UNulANkXKLsxTpiHqsJhymBaWW-8bhbrUBI99DzzEnLfaye-91AxedmRrLIRa5NeT08Mk7hc505mWtzIzwyKQr5xMExuforjUTMn3VGRq_3g_V45JVcdg4cx90w2L4J7pnxhdCXCPxw0KpUxBmk_A6oh47OAwfc-GMDXiJc8ZnbCZhxfLzzblFzlczas64IylXmzqZpmP_EaZtMSUhIXSosZVEIlCtMz2hgBARuuNC8TTOERcJUa7Cpq50pBvoAjBSJxhedt77yilt4jFguTtXpcvqK2ACQVcly0UupfphUJm4pYrIIooZ6oI4oY2G8AIJYm6Hy3JuG_FTVbQind29YLNGnk1Hvm3L_4vo192ZGxOizYsSloBHXtS11IhwbS3T_td-XaYMljU2ZUouoXRcInh7EmR9g-mvkFDsO9GSaA-lAcqpcRrx1KH9dX84hUahcdM3e2SjFE0NcJjvKdHtNK3yGWW01mB9zUOR56YWS00ydpnTYMWVtRLW-oy2WfnGCj03TX86B4N9hh0lkyjNvae66X0VmZCME0AQe25fFEz7Prvjo6crFXQ51ScpzEYfR3LR5e1Bh63Pn7GSt4bxFsse-35H22s_3-pdAoR3GOa59Ww2i-yv9NPOomtEf3kE8yHAw-VC4RaLPToG_-D8EjiDx&sai=AMfl-YQdKaUQNiRoZytbl-TlG_bKrLrXUyGCLmZN3hPhCJuO9xQmtPRDgWqe_tEtnhxxTIWZQ5qSnvVjZq2s0pLVQE-aXgi9S8y8fES0mWYGdHTo_y31KBY4W__HdDmPOHq3FTFoVTZVIHPSLf4oHH67RAPgRMV_jr3lR9RAG6lgJ_HEwQ25crNpYiYdumxZwZP2WTDk6hDOez3gkPhUEltt6A&sig=Cg0ArKJSzGHdeQxyjhnTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=332&vt=11&dtpt=187&dett=3&cstd=140&cisv=r20220817.09185&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ufile.io
URL: https://ufile.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.1104,e2e.1567,fs.1083,reqs.1085,ress.1104,rese.1104&srt=22&e=&id=csi_pagead&gqid=&qqid=CM_Lw6bw1fkCFULAuwgdn5EBsg&rt=lb.177,ol.463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame A02D 		694 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=160&ttfrms=27&brid=3&brver=104.0.5112.101&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauF7%3A%3D6%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauF7%3A%3D6%5D%3A%40Tar9EEADTbpTauTau5364_a6haa_d45e65%60c7hfb_f2%60_6%60hc%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1661014258994455&jsCallback=dvCallback_1661014258994211&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2960&tgjsver=2960&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fdbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=8&brh=2&sdf=2&dvp_epl=207&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ufile.io/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hawluYPEjjmvG7d39TIT1n&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16702648460&DVP_DBM_4=414878587&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=568750341312&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=159157167482.09546&dvp_tukv=250684623857.43048&dvp_uuid=6560875324.369527&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1211865983424
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
20d0d2f7b353a3f48367bb3d22749b256e11fe7f040cace12dc1022445dd1844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 16:50:58 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
08/19/2022 16:50:59
sodar
pagead2.googlesyndication.com/getconfig/ Frame C9E6 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d0dfc63785467d75c8b4011e94fd57077456aede306b5c31bbac1b440fd6fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5719
x-xss-protection
0
60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C9E6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a60c69a8bf2d56c3a5cbb3bf90fcc525e5d30dbf666cc30183f0596161dacda0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 17:52:23 GMT
x-content-type-options
nosniff
age
82716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31592
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 17:52:23 GMT
60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C9E6 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6119b3a6a86e05dcafef83df6c5cd162bd1dfa6965ef1ab3388fcf8c7b6b5572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 18:33:02 GMT
x-content-type-options
nosniff
age
80277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30018
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:00:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 18:33:02 GMT
60005582_20220627070043615_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C9E6 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070043615_STANDARD_728x090_LOOK-03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb93e41e3d1d3a2a4beb18b2b313b58b7d7a5961a49351459685051563690ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=r3BRxbDjK3&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 18:33:02 GMT
x-content-type-options
nosniff
age
80277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24254
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:00:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 18:33:02 GMT
postview.gif
portal.o2online.de/nws/img/ Frame C9E6 		43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332317081_170181287_QTSOHO0103A20220502&ref=27513879_4307561_332317081_170181287_QTSOHO0103A20220502
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 16:50:59 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD24 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD-Wb8hABY8yaLK67x_APireqsAwAAAAAOAHgBAI&bg=!_f6l_rrNAAYUOm8VNDo7ACkAdvg8Wpjx0rolRGwQW8x5kNU3me75Hkiew5SMEbVXq5xDf1hkm54OFgIAAACMUgAAAAFoAQcKAIwMwmDtZC_JMRT5-V6FONVK8-rJJtm11fBytFlWco4GUn1NIN87tfinJk58eyxM8BsmRDPHQMu7M-xqMsxezxnwuSKrBV2zaERj4ee6nmPW1Xo06R4I5dV2TE0Qqe7NAA9n8pD6Qb9Yw-OLtuxvgJ18y7IsqmpN1CCIred2krmAHIf2DLk-ih_Imt9OcpkC_izIUvcWtP2UgiabCOx7Qh5LqaBBnwEzckXHbpQJEVw207npgYbvsiFpaJkBFzXopmFEib42bab_yFL72OcqnBvYTTX2xbawZVnwpCp8P9C4YW8igcM_PDZqf1KLi6Ih74ZAnkARUjzovt8MXTP3GSgrZhZ5PfqxDgZ5U6uGrcMe5PcTGcp8A947fOL4yKHqCZ0V_U7p4k5iyDUvuvoUTI02Tlrl8n-z3tFgJxqcCX4cnECYXrNM4pdr1o-dTzQEr2lQqVcSMyO_zEAefUypbB7RNoC0D8hIMfzYSZT2QJ2s5rE5vzxtAXsIvx2ybpbYIS0TYQ3KhGAtAC8DK3LkxDAgEap5tGHx6G8ETpcUjh4sWT_ZoAf_tAbvhlnqEjFJInPOgkrS8rflM3O-2j_UaH099iiecOTUoroJ_ksiQe5QEbyuSfDIdVjJqRJvOlm1_N1sUCnIylEzZGeT9k8Y1GaPNq9GngXl_T-WVUA_dl0hdHlQC64warszj0SeN4FqwrzKAOm1Q5fSsMx_SQ6qQIanzaLnbxddIFyMTqQQQpjTaK3h7HKzEV2Jlt6YeVsQ6IFjBv7GBfa_r921PV4rpNaXi8sCtzDKiz5cQb6ScExukWJp9aojaS0ss4ahN9HbeRRjIvMpa7Qk2jTh1XdXIt7-cNwxxpMUNrCe7L6kGv4Npc3eLT0YMmGu2dXQKDsnmo0OfVhydwBmJTkLdJ5WVn-QjFYucW4umETWAlXVwd0PlAYYsbWUiJ961NU7nIeR5zQUOPo6bEuIyGNAbwPSvCwKNgzgSMVVsUSKBvBBZpZ0lOdwGR1WftcUfMc4j6dfBZLJZ3zPwNxgcySJ2TmA0P3dnalKB7624vjidpaAQXFchv3j7nyKDAPrxtz2tIHonpo5_D1LLNvZPtGw5pkWrT55VPGFWMQtnDBy5c44LNqirYpT8WoXr8sD2J4snqzjlUzxoclASYGQvHrCp_GhTMB4b_ABz836EYe7YS7Bk7HSIgcL_gEpdIMMGcdrc0A
Requested by
Host: dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C9E6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:50:59 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame E2BE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC6D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthXzlGTukzmsZWRwmroRBS42losX19AFf1Z9rqWsib1tH5aBLuxjwT5nw6PN7x_D9tNWKr6D6b3HsvtnFCTNsvA4U_qSKj56Nryz63xAHqiQ2elzLeZ0HgJFTQjLyd-Y7gCI63fM7FjBym&sai=AMfl-YTisBom7A7Vtm8HZVQURm6KD8doaajHYoGuZgkBKnVo0QysqO7sBjyObFVYQWi-CfpWhiE02ddy3YVqad-dHT3W34nJd2YQf9C3hItjTs1-OFdgGLUzLSJnG_M&sig=Cg0ArKJSzHG4hBkdnKTzEAE&cid=CAASF-RojDficMsnOLMdCnnLf0hSapN0JB1j&id=lidar2&mcvt=1000&p=833,436,923,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=740537729&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661014258061&rpt=269&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 36B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstysawHOJXs0t9C4ydfp4gbGhqmC7o84g5zFl9IwF-4gm7XeFXykiJPlDscDbd9m-2OwEpeZon8KQhhwjR3OXhyL80cCKsVp_IfnXlDVjdFuUH8QrTq9GzF9Tl2imMXCnnW5u3GekGPFsIE&sai=AMfl-YRoEG9ievMW6D9yUbzQKwpQyKDlttS8eLtMdbq0zHhnZxDh9DkniT40x1D3Tz11F_GdcwKQnXym4USJbeje3KywQTlJtO9DxYlc2gb13-fAYtaFbmmkoHzvuRA&sig=Cg0ArKJSzPt_9p445K1IEAE&cid=CAASJORoOnEMJ4Mo7mYtIcvaWAv3qQ7eb8jpdUPFGXBjkaYaztgkUg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=191736179&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661014258406&rpt=195&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7ED1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZJfNj2NBwRns4EuD68iRM7rTpZfzaIDBPj56qeDF_4PKxf1W9jq36Jlbpdo96-VW7K8YtJj4mkUYu83mfy538WmzaMj3g&sig=Cg0ArKJSzJxGE8ANUQexEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=250412649&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661014257783&rpt=1067&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7ED1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveV8tNZG62fyBIEkvc4f9amvOlksKVXUUHhR7ocra3oPlSex3vic5WkdBgee6AlrZgPeUB0dGcAuDnI8vVbW-tlsq9RfsZqz3ZdrOqB-66Hb4-2h_SO1nrmc5lmVlmRRi7W-5oyA76z9gb&sai=AMfl-YQ7T5GZzXoA930hcj_J-Rltfxu_FZ1Ck50Agc5x5js6D-iqJJuQIbY7-4F5ms94GzttTqOgB-_M0QmKgcpqm9JBEcLwXQdg7CT-HgVttFuMRRwBiTZpnrqtTX8&sig=Cg0ArKJSzJqFNILs6_8KEAE&cid=CAASJORoeWYAjKhUUZw7qb8CWK_hDx4lFUrgDLNveJ8SA1p2_Hi24Q&id=lidar2&mcvt=1002&p=200,436,294,1164&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2383113923&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661014257783&rpt=1064&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 16:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEN2oz9mUfoOLTgWh2DnQW4I&google_cver=1&google_push=AehlK4DqjTZlqVg073TAb4LYuTIi2Tx2_f4hJ_YRjVUVp7goYos95ldJ_YF7I-HiV7guBjFWqPsHRRIRwY9OrIGAWRqRTJ64tXBd

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ function| jQuery object| btns function| showTooltip function| fallbackMessage function| Growl object| lazySizes function| loadCSS function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ object| justDetectAdblock string| GoogleAnalyticsObject function| ga object| dataLayer function| CountUp boolean| failed object| clipboard object| dropzone function| log_error function| updateStats function| create_session function| chunksComplete string| base_url number| userCountVal object| userCount number| fileCountVal object| fileCount number| downloadCountVal object| downloadCount object| aawChunk object| aaw object| _pbjsGlobals object| teads_analytics function| docReady object| mnet object| __cfBeacon function| recaptchaLoaded function| recaptchaCallback object| myCaptcha function| prepCaptcha boolean| active object| mr object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| parcelRequire object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| GoogleGcLKhOms object| $__CRISP_INSTANCE object| google_image_requests object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_127 object| Criteo object| Criteo_identitytag_127 function| __esp_getUID2Async object| __uid2 object| pbjs

39 Cookies

Domain/Path Name / Value
.ufile.io/ Name: csrf_cookie_name
Value: a66eba4d98ac12576db51bb3236e2685
.ufile.io/ Name: _ci_sessions_
Value: gvbl4qtg2i7uit50dliflupmhc9an01f
ufile.io/ Name: _uc_referrer
Value: direct
ufile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ufile.io/ Name: _ga
Value: GA1.2.663196376.1661014255
.ufile.io/ Name: _gid
Value: GA1.2.1625602553.1661014255
.ufile.io/ Name: _gat
Value: 1
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEw76GEmAY4AUABSAEQ76GEmAYYAA..
.adnxs.com/ Name: uuid2
Value: 6021787332441970919
.ufile.io/ Name: __cf_bm
Value: m7y1nYAxveW.3FOnKBu3_yBWIAFsYh4PKcVJIJlU2W4-1661014255-0-AT1Q5aZeM3RKTvPD/GPegZqcBABfjPEq+AHjlgyBKyR0QBlekasIpD4AraR0q9Pr5tpv7uhScSHiLMMvHQNOkZs81ePfUyokiXLgAcEXmRFT/lTSBhXp9Sgb52ef48KafQ==
.rubiconproject.com/ Name: khaos
Value: L725021K-Y-M9PF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq26jcP2jS+aLU1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zEbAi8Casg1v8db4S9asyb7gcRgjl6EitarYYI9Y0BLB3OlDu/ORdD8=
.ufile.io/ Name: __gads
Value: ID=4dfde6bd1f114473:T=1661014255:S=ALNI_MbbsiboMMnasAI6ceT4QFvmqwJSJw
.ufile.io/ Name: cto_bidid
Value: naIJ3V9STFhZblJxRGN2JTJCQ3g3U1BPYUNZdzZYbDZzRVREZE1JMGhVZXdKS3VNWlBsclN1TElYdmsxJTJCN205UWlMSE9GVjNzNmtnd1JWTE4wT0dZVmp2bnZxQVElM0QlM0Q
.criteo.com/ Name: uid
Value: 7ddb5606-ab8d-4281-8040-af34bd89a10d
.openx.net/ Name: i
Value: 36ef39b0-4369-48b0-8692-5219271a950c|1661014257
.ufile.io/ Name: cto_bundle
Value: uG3lsF96UVZ3N3dZMEVEMzd4dHQyUnJHNndTSmElMkZXODVkblpKd1lwSEhkSzAlMkJBc0xsRUFybFQ2a1p6VHVsWiUyQjRqb3NJYVdoaHZsclB2S25kMGtFNFNCSW04MGpoMDVabkNQZnVMcWV1MXk1JTJGOEttWjhnNlNsMjFPZzgzTVFBY2tTYXFiJTJCU3J4Qnp2UmJoOEd6bHpRWVZibG9RJTNEJTNE
.casalemedia.com/ Name: CMPS
Value: 1182
.casalemedia.com/ Name: CMID
Value: YwEQ8iYmui07mbuQbd.WGQAA
.casalemedia.com/ Name: CMPRO
Value: 1192
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlLRtNG7-yqBmWX5_9BQzfZfy2BqlCJ5lVjLGO5oDo3zqJIGE0nil4Bk1TD7uQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In5I8w2*!@wnfH8K6pQK`!5=E<*L5?%LdYwpEW5*=ivYg)mJ_s3aY2$GMwBnA+NU8SOS%nugO%v4VB%nnw0*>A/F
.turn.com/ Name: uid
Value: 4495574062732590294
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~26p4
.yahoo.com/ Name: A3
Value: d=AQABBPIQAWMCEBCNL88pmldZxf9kkdpHTtwFEgEBAQFiAmMKYwAAAAAA_eMAAA&S=AQAAAv9SnwRrsOJUgaFfJrRk13s
.bidswitch.net/ Name: tuuid
Value: 81139f70-edad-40e7-86f6-a9416d0c994c
.bidswitch.net/ Name: c
Value: 1661014258
.bidswitch.net/ Name: tuuid_lu
Value: 1661014258
.3lift.com/ Name: tluid
Value: 3886133095887143061266
.casalemedia.com/ Name: CMTS
Value: 1104
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22DA82772C-F017-4FEB-AA41-0AEC5060ADCF%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9778ccf7-b699-4c16-ab44-3dc6038454ba-003%22%7D
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332317081_170181287_QTSOHO0103A20220502&ref=27513879_4307561_332317081_170181287_QTSOHO0103A20220502
.scoota.co/ Name: tuuid
Value: 0f81952d-33ce-4a9e-b4a2-da8a226846b4
.scoota.co/ Name: c
Value: 1661014259
.scoota.co/ Name: tuuid_lu
Value: 1661014259
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9778ccf7-b699-4c16-ab44-3dc6038454ba-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aRnseFPME7fQmKvCiHhlYOkKjpspqwZbkAeWUf2UdGt4YBhXbjDJp4ZcFCZaECCjkYhn2UmQN0XAyR2jkZdYrVg1

2 Console Messages

Source Level URL
Text
security error URL: https://dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15396564916658282422/index.html".
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
at.teads.tv
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.doubleverify.com
client.crisp.chat
cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
dbec02e92205cd6ed14f97307a10e194.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
google-bidout-d.openx.net
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.sharedid.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.everesttech.net
pixel.rubiconproject.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.adnxs.com
prebid.media.net
prod.uidapi.com
r.scoota.co
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tag.1rx.io
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
ufile.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
google2waycm.netmng.com
hbopenbid.pubmatic.com
104.18.18.126
104.18.19.126
142.250.185.198
142.250.185.66
142.250.185.98
142.250.186.98
178.250.0.157
18.116.102.143
184.51.9.184
185.89.208.11
192.241.157.60
2.18.69.48
2001:678:cb4:bbbb::11
213.19.147.42
213.19.147.45
213.254.244.112
2602:803:c003:200::31
2606:4700:3036::ac43:9b51
2606:4700:4400::ac40:98f5
2606:4700:440e::6812:2fe6
2606:4700::6810:84e5
2606:4700::6812:1d5b
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:11a:398::26e5
2a02:26f0:ea:4a7::4469
2a05:d018:d29:3605:c111:9aee:7bd3:6707
2a06:98c1:3120::3
3.126.140.73
3.126.56.137
3.127.153.214
34.102.146.192
34.107.148.139
34.120.107.143
34.208.243.53
35.190.0.66
35.227.252.103
35.244.159.8
37.252.172.123
52.4.33.45
52.58.39.129
54.154.5.146
54.247.130.124
69.173.144.165
72.251.249.9
76.223.111.18
82.113.101.132
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
01b1142f321e90d47eefdebcbd06e54161d28b08628c076a4dfeb7ce4b3730ea
02b404a7134ae0fa79c5812f2a54eff95e2f2fc102a45e9de459426f737d9edd
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07cae07a9a6b90715b18d514826a9c4ffe85c55526a14ec36ad33343de35b7d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
11b5f6dfaf48d5ae3fbc61a289a621749cd6f68d16ea3b4dc05f8c90021637f5
11f93382f1da2d64bcf833cf8a267212159c034d0fc21b904d2b6f6e6e5fb2a3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
148ad641ee536ca3305b2a42ac9345f0efa0c3021f6df0c03af8af0e72c7313b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
1932f5f3ad3ab10f6614bccdecb74c573badb2093f616a95648d3f9e296e9d92
1f18951654678c81547a5ebc19eb0d4cede3b2b2d7bf98b5d046130ac6c0cab5
1f716cbe7b345f183af97069614c51fc8246a7271a8cd2ea42d16641361a2849
20d0d2f7b353a3f48367bb3d22749b256e11fe7f040cace12dc1022445dd1844
256bd8f357454308a6de2baee717690a2545cb18a03bfe2772e8f6d819994bfd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2f6fb17d3977d267dfb04337c9d1ba1ccd07577c97886aeb2d8ba76b4dcdfea0
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
345bf1e89765dfe63c693595c916efb95f80ecd1eea9609c700500b3cb3103af
37d926ff1774efcd9da2eb444744d43997376fc9c8ac940785e94f6a13cfc89b
3d1df0a19d1a67d45d3d8215f5d194acb8f35d3107f39dda4e154cc272f3be36
4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489
43a42575bcacf7e9864dba93e2d13054877ff8e6555d9e8ce11095feaabebd49
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b470ec22e4af19429e3da9ccd03ef915dcdf7335bea39dbcf2dd3bfa9d69e02
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b78c656233a707aa5d67729d8a17e7205b42e874388f056eba96773ceb74910
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5a931a4861171005aee69083bcd4f241fa94dd3d401f27de9f180c5c55e99a62
5aaa8cf1bbdb357b02e2a5ad848ada5743e73e3be3a98dc8d62eb4c6c5ee955d
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
606544e1a9799b24a9adb613926b64f4d8e6a920c46c8453dcafbbf5f3aa7524
6119b3a6a86e05dcafef83df6c5cd162bd1dfa6965ef1ab3388fcf8c7b6b5572
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638e43a6b51019f159d93c0e1c2d56eba3a8a0591ddd559727278ee653e28fc0
643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd
6ade280a7e3c14b3cb712a4bd7c14f09ca7948dd8fadd51b1e7498721e600692
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0dfc63785467d75c8b4011e94fd57077456aede306b5c31bbac1b440fd6fa8
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
735fe25c0a387a7acbfb3dbe51ee6e4c2c3be4dcc9d9d11f3a0f9dc5c5f3bc96
75a14100f222a17b1eb489c807cbb02ce82d6eb8c17413b9743e35e175a66d77
79813e0038e4e20ce8b488c94ad783717445f1837efad105f3bd64de360e3a32
7c70d05d3be4b2b893441d3f5c1e046da0b44b10b5f4319529177bfd83ff3489
8366a4aba69c2e526fd19840dd40af877ac4144edb95e139263eaa59a82819b8
840b86f398c3dcb013d15776fee7479c9a7f2fa728948b8d18a4fc60801d988a
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88d8369b68666058956aa206e38808c254e1130d80a9789df8881d36838478ff
8a9a06f160aba46bce077eb347217241b7504127db48aba848e5d834f3667dd3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9386b81002b3ada59667c03a326520500de5db4f6c8252d5778203613bc19eb9
94b33ed3c8183907fe4a877f0fcef26dd622c3d844b00def92423c90e365b32e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
9daaf2ad15bece2b36d07d071fc920778be6efe8b5c9d03436a0ab13cb1a4b71
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a586d884a1d5413849783bea66cb216710fa58ff31bc5bdcb224ee2badae3307
a60c69a8bf2d56c3a5cbb3bf90fcc525e5d30dbf666cc30183f0596161dacda0
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8582576c9951be38ffe5b69068d0260b9c8edec20bb80a64a70c6336796abda
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4180da31dbc2f62ec1b4d62d696b1884e12790176ac40faf48fe36dc02ab6fd
b893bd2153c34ffae47bee4e470670b7f65a55135bf39a131d023fd4c2ba66b2
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb93e41e3d1d3a2a4beb18b2b313b58b7d7a5961a49351459685051563690ca2
bc6f07f2c9534b1ac31df7ed92a03dda250fbd0304fa7d4a6737a00154049c95
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c47615c86ef433100fda4278521445d7bbd7d094c47c9d6d1972b0788426b005
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9c61bb6004fddf317317d374c110f542c304111ce52b5f4603cc13b04ed0704
cb604ff208c0df7df3c773aa7cfc3a2d206aec1efe93e48c8e15c6add9661bbd
ccd695fea5c3ca4fd39d824c339ac397a68d641c798c92e73ef5a4a611473b5f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d416d7edf7d9d6f041761f68d1057b9c1607be38b6d682e87266f54f2492baa4
d568a24ef9532bd792b0ad6790d0a98e464c4c75055fbb8c004512185fba4c76
d9a017fb9c5ce88223233fe2ad652e3542b9b666de3c33b1c5d06b28f226a84e
e00f65b3ee244b14ba9f919a686d5d2ffefe139863ed6392c870ab1581574369
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e718b523b305b456a15e459671f8adaff9f5598b409f8cfe96edade246b4f7f6
e940c384c48d52dd2aabafdf2168c5921129032d687bd54d777b587f35cf9598
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f39e6327e758f12fbbb2aec14b1660dfb246a81ccf5fae5b37d6a521b7c22c86
f6e469f59251b2760f2061fd912cc9c11afcfe487e32d2fa288929fecc9ccc06
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
f8ea88a544a98c57433566110728712131a95fadec32603be8388f9ca437f023
fb2db15a118eb6023b5fc113afb0d05ad42fd9beb710d55dc3ca02546393fb36
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd1bbb3035cd59fa863f2b7051cf0ba278d3731455d229bf8fcfc9e1cdfd4111