mobilesafe.shop Open in urlscan Pro
66.29.132.14  Public Scan

31 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.file-upload.com/cqaq1m0u7abq Page URL
2. https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S-1257753687%3A1653706049542530&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcy8pdosAeJuaN8wvNINHyfGiZwCgY9StP5MBrc08pyDoT-6mzQ4DUaaQwTiWsasdhEouZuvJA

Request Chain 32

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S1594513259%3A1653706049582824&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwhrgpiNju8eY1Z5R_YJxUyHPbvox3VqYiYe008Igduz2yqd_uTXbkbjO0gNRa1irVJUenuZQ

Request Chain 177

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 184

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	cqaq1m0u7abq Show response www.file-upload.com/	20 KB 7 KB	99ms 75ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d3e81e236bc163173c8c83a8d1864e844df36e56e8f698557c5d5d45b80499c Security Headers Name Value Strict-Transport-Security max-age=0;includeSubDomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7123aa77aa185be1-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:47:29 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Fri, 27 May 2022 02:47:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuDVxStLWk5gCcCD7LHx16PNoBSPHV5ATajpy7mqTw0Bp26X25UHO4vwJ4JWwHSwBLrVSqlt2f1RDavENqIpusFRDkNqbNXUXTGxOsslryRv2%2FuspxgQnrMM9%2FiVyie7kX14YjvR"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=0;includeSubDomains; vary Accept-Encoding x-cache HIT from Backend x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	app.css www.file-upload.com/mngez/css/	247 KB 41 KB	18ms 17ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/css/app.css?v=1 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 23937153 cf-polished origSize=253169 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 May 2019 07:43:34 GMT server cloudflare etag W/"5cd288a6-3dcf1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAHh8ZwTBSOj3oyJZs%2Bpr4XGhwKA2PU%2FYh%2FjApiIOPqs%2FhWNVLY3%2BsCiBA%2FKQ8V1AQUSRHgjDJDpKwpSyky7WZqNyMK%2Bp2%2BFy0OoyMadXMnowN6BFYkD4MjrYqaLifEpAVdiw0O1"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7123aa782a7a5be1-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	app.js www.file-upload.com/mngez/js/	235 KB 80 KB	69ms 69ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/js/app.js?v=20 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status BYPASS last-modified Wed, 27 Jan 2021 00:19:59 GMT server cloudflare etag W/"3aa0d-5b9d6bb49011b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache HIT from Backend content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDOJg5iqbkb9B5iwG%2BfQK2zp5fiacjjVJ7sapIwAlz3wk1LENYrB0hplN6EsMMOwt%2BnDYlZAcYuNbATJd4%2FgzXwGNDfV6mGBMIU3N74IZ1gsh7RIMJRnacddjw%2FF%2Fpiqji1KiDnT"}],"group":"cf-nel","max_age":604800} cache-control max-age=2692000, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7123aa782a7b5be1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo_new.png www.file-upload.com/assets/images/	3 KB 4 KB	13ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/assets/images/logo_new.png Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611738 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:00:31 GMT server cloudflare etag W/"c8f-57a3a191435c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24qQjDDtp%2BnttIj9vVTmDE6ZpZ%2BFuJQ0NFqKdNdYyc9rQaxCn8MX6FeysRFwxfXTS5b%2FU9QSZVLsJtr0uvh%2BT%2FF23xntNMvsAyB%2FiO25lGT1Y8DgMa5QqbEQhOxyfYa161ueanDl"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa78d86a9153-FRA expires Tue, 01 Feb 2022 07:05:11 GMT
GET H2	200	/ Show response d26adrx9c3n0mq.cloudfront.net/	492 KB 158 KB	28ms 9ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d2aa4e0589e0d9a540fef953168faf49d1f9340c968e03de4035d2616774ea2b Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:15 GMT content-encoding gzip age 14 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop FRA53-C1 content-length 161118 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id TwUe6b0-E7bL6dl-sNru_wA-sRapPBtX5wbDlh78u8Srxo8b2TcLSA==
GET		page.js file-upload.site/	0 0
GET H/1.1	200 OK	01105f188a1c32226733edcb09dd3870.js elementalantecedent.com/01/10/5f/	0 640 B	496ms 107ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://elementalantecedent.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Sat, 28 May 2022 02:47:29 GMT Server nginx/1.17.6 Strict-Transport-Security max-age=0; includeSubdomains P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent Content-Type application/javascript Content-Length 0 X-Request-ID 8fb9a57f30c9a5e526d1edad62b55833 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ d26adrx9c3n0mq.cloudfront.net/	163 KB 49 KB	10ms 10ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888399 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:15 GMT content-encoding gzip age 14 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop FRA53-C1 content-length 49634 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id f5ZeC5-VPLWBh75FWUjs673jI7-b0J305ie5Zm4p0zQ79un2QPi8lw==
GET H3	200	anti1.png www.file-upload.com/mngez/images/	19 KB 19 KB	15ms 14ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/anti1.png Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611733 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 28 Dec 2018 22:57:30 GMT server cloudflare etag W/"4aae-57e1cfcdbca80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXslGUrcqIzP9lJsDWG7ejYo4u%2Fq0TdBHlsjL7358WHV1ULHSb1Fq5aTasatodvwMFeCrxsM%2FMxf1UX7aPyfGYn7FnckYbCvZDvi86WwyU5x3dzaKOpEtzO8QUNWRR6OLFnw4FEO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa78d86b9153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H3	200	anti2.png www.file-upload.com/mngez/images/	641 B 1 KB	14ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/anti2.png Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611733 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 641 last-modified Fri, 28 Dec 2018 22:56:11 GMT server cloudflare etag "281-57e1cf82658c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lzjtR85kJzmwL9QPKyXRDDrCF9d7J0CrjMvS%2B4l%2FOsrxRW0wcg7afafQI8D7c6NWjUTyZSmHdj2Xvhhwqctl9U0HeyZOWSSmOWPEy0NhrvS7ljS9IRqJdzp3sB6q8OT5bcHe8zm"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7123aa78d86d9153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H2	200	_dmca_premi_badge_4.png images.dmca.com/Badges/	4 KB 5 KB	256ms 182ms	Image image/png	151.139.242.29 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.242.29 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software nginx / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT last-modified Thu, 02 Jun 2011 03:26:26 GMT server nginx x-powered-by ASP.NET etag "0abbdbd420cc1:0" x-cache HIT content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes link <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical" content-length 4535 expires Mon, 27 Jun 2022 02:46:56 GMT
GET H3	200	norton.png www.file-upload.com/assets/images/	5 KB 5 KB	14ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/assets/images/norton.png Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/cqaq1m0u7abq User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611733 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:00:31 GMT server cloudflare etag W/"1363-57a3a191435c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fm1uAI%2FhCcZWb1Zdpp2%2FQiZxJL5dulEduc8TYUbSQE%2BWJQKWkE1vEL%2FluQZtGP4Pg7kO2H9f2%2B3WWJjvflOPBrTDmoi%2BhVGLsz1p9PVHwSW4414Onlp8J828x2TCX2nhzhRzDp2"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa78d86e9153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H3	200	flags.png www.file-upload.com/mngez/images/	15 KB 15 KB	22ms 22ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/mngez/css/app.css?v=1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8840574 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag W/"3aae-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50udbbFh0LrDRAElIqdBUkv9LuNnPtSmJxmfvht4FU%2BisoQavahDKMLgzpRK0lqIYKvYUqxNoVv8LYRzjwpEeebNAkCjvxiHhL%2BCdRfamsXHEAxBySEbXJK6gERqMOAEr9f3cVMS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa78d8789153-FRA expires Mon, 21 Feb 2022 19:04:35 GMT
GET H3	200	poppins-v5-latin-regular.woff2 www.file-upload.com/mngez/fonts/	8 KB 8 KB	27ms 26ms	Font application/octet-stream	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://www.file-upload.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6442 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7904 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag "1ee0-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dls5KdvTuZ8utPnFztA18ZR0vGyHaucqWhRBApsFzR2eN9cXDMXGa7qcYSlcwpSBJOIOv59Y5hsahq3xCzHOq%2FAzK4kBvd7NFVV4sXkRyFCVwDrRoXf18rhPttTNEqjCCdqEJYeC"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://www.file-upload.com cache-control max-age=31536000 accept-ranges bytes cf-ray 7123aa78d8799153-FRA
GET H3	200	fontawesome-webfont.woff2 www.file-upload.com/mngez/fonts/vendor/font-awesome/	75 KB 76 KB	14ms 14ms	Font application/octet-stream	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://www.file-upload.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2749 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag "12d68-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWv6C6X1y4zaQi8PAZky6QZ8hy2J%2B6LKnMLChjcsS97%2FE1e10o4cWI1Sgw3pCbU%2BRycQkwaoZSODvXCxEPeVXcNW3GZTnFpFy8epNTqXs8Ctw3Xwr8IEzM5upaU6htM25a%2FG7%2BES"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://www.file-upload.com cache-control max-age=31536000 accept-ranges bytes cf-ray 7123aa78d87a9153-FRA
GET H3	200	poppins-v5-latin-500.woff2 www.file-upload.com/mngez/fonts/	8 KB 8 KB	27ms 27ms	Font application/octet-stream	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://www.file-upload.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5016 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7884 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag "1ecc-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F%2FXyecnQ2vyMG5e8HT93DTMEzfV2eVy0EieTRxTpvqBD7h2e8fGotztZnCr1oRzccentKJSBS5MENrTjQWc7HMmiovowvo%2F1jYPVYrjrIJXPRayy2pOINtYcWZUGaxsOxTA%2Bhx%2B"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://www.file-upload.com cache-control max-age=31536000 accept-ranges bytes cf-ray 7123aa78e87d9153-FRA
GET H2	200	asd100.bin freychang.fun/	100 KB 101 KB	31ms 14ms	Fetch binary/octet-stream	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4242 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 28 May 2022 01:36:47 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGcO1Axyit4HtxVXq54KlivGpGVZ6HUHxU2YSe2MwA5hMhBm7WvDRpxnMSTOId2enSVwL8Dlvr8rI3DTPOpi7SKlcXoiWiGNUWkrdByLqkmmNK%2Bgru5lqbniZXO86%2B7zFxEwvcQT%2FNjAuVf6"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://www.file-upload.com cache-control max-age=14400 access-control-allow-credentials true cf-ray 7123aa791c5f9bc2-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ freychang.fun/	27 B 369 B	126ms 109ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.file-upload.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BY4uCDULM1lQgNGepuDo04NtkGNGJL2SWDXeWEYW4dnnk4uMXH1h9c%2Fy5TsiQuqwUy82bL%2BxRqOqkXiIO7E2wps5JPAX7qmEvk9pIHkocSLg%2B7%2Fsx3Wh7UCUNNjTI0P3rKeg5h%2F4sO2ziPA"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 7123aa791c609bc2-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx denknowled.xyz/	0 491 B	141ms 95ms	XHR text/plain	108.156.46.17 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://denknowled.xyz/utx?cb=uLJYWE80hL1u&top=www.file-upload.com&tid=888398 Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.46.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-46-17.lhr50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:29 GMT via 1.1 a80cfefba1e25a9103271d8bd22be77e.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop LHR50-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.file-upload.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id UBQy0nJi1ELSAU4_stHT3RexAaP7Svfmg0J39FAPQ211pWhM80D1gg==
GET H2	200	V1s d26adrx9c3n0mq.cloudfront.net/sdkpqakYVJQQMeQIjDld+TnJZU35QIBkFKAZ3HyYwPCMFUh4XKQgbdlA+EA57RmwGCygRd0wPKBV3W0wyBiUBVyQMMx8JPAUkBARgAytXAycpKxgJLh88DxhjRHpCT3Q0Ih4eNlN5K090MG9YLDEBPUQLKhMyC0QlGSdPWA...	853 B 896 B	167ms 167ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/sdkpqakYVJQQMeQIjDld+TnJZU35QIBkFKAZ3HyYwPCMFUh4XKQgbdlA+EA57RmwGCygRd0wPKBV3W0wyBiUBVyQMMx8JPAUkBARgAytXAycpKxgJLh88DxhjRHpCT3Q0Ih4eNlN5K090MG9YLDEBPUQLKhMyC0QlGSdPWAAFIx4PY0QMAg8qBm9YLDETKA-cLNQIvGBljRQhPWHYVOAsdKhM4T152FyYPEidYKQUHb1A/V1s Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding gzip x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 618 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id -VfCpNLBsVmF-_JwVwQKR6PzqC1rBe93Bh2pD4B6lZ_ovvXj5tjqqA==
GET H2	200	asd100.bin freychang.fun/	100 KB 100 KB	33ms 24ms	Fetch binary/octet-stream	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4242 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 28 May 2022 01:36:47 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng1x%2BdFuzLM82ADBFr8P7WmY5tgSyCKFKwSeNk3B2tx7xAvXF69DEv5PZkEWyag7yAh8%2BD9HH9%2BTuksM6QmK6tAMJtR0%2B1UoTJCVhGUhemRhwDYKTLUHKzV%2FX9wfsVft4X3HRQlKYzXP0Ibj"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://www.file-upload.com cache-control max-age=14400 access-control-allow-credentials true cf-ray 7123aa791c659bc2-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ freychang.fun/	26 B 366 B	117ms 109ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.file-upload.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAu96k3KhHtOzf4bBhiaeWrAEIadugGfy5vhXJcvshVrLgTsSA1ikFahzes4xXwv%2F0sx5kosyrYOcNZpBF%2Beqw9N68yb02HS0DKzQcORtmaYnuQVkK%2B0lZz%2FIuPvpw4Jv%2BELhOK%2BN3Cyk884"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 7123aa791c619bc2-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx denknowled.xyz/	0 491 B	135ms 97ms	XHR text/plain	108.156.46.17 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://denknowled.xyz/utx?cb=4onHAZp53ykW&top=www.file-upload.com&tid=889766 Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.46.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-46-17.lhr50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:29 GMT via 1.1 a80cfefba1e25a9103271d8bd22be77e.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop LHR50-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.file-upload.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id CspEAoCx6ItHAD2V-9-e19hdARDwI5PgArQIO83R6CUcw2nErmfBUQ==
GET H2	200	FiYUVT9SZUhRIRIpGR4uGDxRFjhKYA d26adrx9c3n0mq.cloudfront.net/zUXgwTXcyF14rSCURVHBPaUEHe0F3EkMiGSFFUi8/CDljfAFjDlIhJzMUFjkNNUUAaxswFldwUTQWU3BGdwxAIhxsGko0AjICQyMZP15FLEo4GW8sBTIQWTsSI10CfV90SnIlAyUIFX42dEp2aEUXD0c6WTAUVTUWfxtfIF...	859 B 898 B	162ms 162ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/zUXgwTXcyF14rSCURVHBPaUEHe0F3EkMiGSFFUi8/CDljfAFjDlIhJzMUFjkNNUUAaxswFldwUTQWU3BGdwxAIhxsGko0AjICQyMZP15FLEo4GW8sBTIQWTsSI10CfV90SnIlAyUIFX42dEp2aEUXD0c6WTAUVTUWfxtfIFJjPkMkAzRdAgsfNBRAaEUXD1-UvGjALRCgFIl0DD1JjSFM/FiYUVT9SZUhRIRIpGR4uGDxRFjhKYA Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding gzip x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 622 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id 3lP2SurCQ1F80ak-2MDn8eGYVCQLtwAEsKHwzPKaZCf1_e4zrzitzA==
GET H2	200	asd100.bin freychang.fun/	100 KB 100 KB	25ms 23ms	Fetch binary/octet-stream	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4242 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 28 May 2022 01:36:47 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrbC0uUGbyepsbBtOCA0PHxjILoVguNtt9a4l6XN7tDg0c8TT%2FweQK%2F%2F6Wj97emoLk5daJkdo1TAcmEDaWBXy8krev5bz2fLAfS0P8%2FSqp%2Bapcs3MLxqgIh4%2FMWiWoXrgnFZnnbozV4gOVKO"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://www.file-upload.com cache-control max-age=14400 access-control-allow-credentials true cf-ray 7123aa791c649bc2-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ freychang.fun/	26 B 385 B	105ms 104ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.file-upload.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hijehkf%2FHYALdguXLZcSZNjsgOfCyzXocFcw14SebLJCYXvQ5DaXAtOFKmx6NgAqflwv%2BD7CJ%2BAUO484pRnq5ATu9OFJygZLk4V9Cgcmn0EaWwxPrNnBbbwgh7eVzs%2Bx3kjItKqGOuZN2ngK"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 7123aa791c639bc2-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx denknowled.xyz/	0 492 B	128ms 97ms	XHR text/plain	108.156.46.17 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://denknowled.xyz/utx?cb=UiiXj8rmYUSK&top=www.file-upload.com&tid=922253 Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.46.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-46-17.lhr50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:29 GMT via 1.1 a80cfefba1e25a9103271d8bd22be77e.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop LHR50-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.file-upload.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id EOKGMOUAUVHQ6t3rkujVo281ixn4D1cp-MLd3Y-2EUg6pLg5PEvG6A==
GET H2	200	ORsVZRhuWgA1KCofXDMoblwANzYuEFF4OSQFGXAvdlk d26adrx9c3n0mq.cloudfront.net/zS2gwVlooB14wZT8BVGtjeVoCY2ltAkM5NDtVQxQAfhFFBT0jW1Q7AiwGUnAuMQwNZnwnCV4xZ20NXjVnek5EJjUgVVIsIz4LSiU0JQYWIzt2AVEJOzkLWD8sLhoVZGpjTQIUMj8cQHNpCk0CEH95LkchLWUJXDMiKkZTOT...	660 B 753 B	160ms 160ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/zS2gwVlooB14wZT8BVGtjeVoCY2ltAkM5NDtVQxQAfhFFBT0jW1Q7AiwGUnAuMQwNZnwnCV4xZ20NXjVnek5EJjUgVVIsIz4LSiU0JQYWIzt2AVEJOzkLWD8sLhoVZGpjTQIUMj8cQHNpCk0CEH95LkchLWUJXDMiKkZTOTduWnYlMz8NFWQcIw1cJn95Lk-czOCYJQyI/ORsVZRhuWgA1KCofXDMoblwANzYuEFF4OSQFGXAvdlk Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding gzip x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 476 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id SsP-VcbHWXm3Iq9BaE7xdBogcD6g9TTZxUkQyZfFuu54PJvIsbesfw==
GET H2	200	PCRNCRYTADsLCSgBQSwKFzNWDCo2aUBePDM6F0V2NzoTRWF0IRFFOTMLEQozOj0GHSJ3ZkBQdWAWGAwkInFDOXVgElVKFiUjB1YxPjEIGX4xOx1dYhQnGQw1d2Y2EDU+JFVKFiUxEhUxISAVCiN3ZzJdYmI3Ah-knPjECXWRiNRwdKDN6Exc9e3IFRWE d26adrx9c3n0mq.cloudfront.net/WVHB4UFI3HxY2bSAZHG1qbUZJaWpyGgs/	186 B 463 B	161ms 160ms	Script text/plain	2600:9000:214f:3600:b:b271:7c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/WVHB4UFI3HxY2bSAZHG1qbUZJaWpyGgs/PCRNCRYTADsLCSgBQSwKFzNWDCo2aUBePDM6F0V2NzoTRWF0IRFFOTMLEQozOj0GHSJ3ZkBQdWAWGAwkInFDOXVgElVKFiUjB1YxPjEIGX4xOx1dYhQnGQw1d2Y2EDU+JFVKFiUxEhUxISAVCiN3ZzJdYmI3Ah-knPjECXWRiNRwdKDN6Exc9e3IFRWE Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3600:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding gzip x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 187 via 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront) x-amz-cf-id 4JdEAGAAtfSi2adUi94k_tGNxRYkj2muVlKZEiNtUZ0umNhGtzVCsw==
GET H2	204	bE1Td1pDcjAEZyF9OyE+AQAfETciAgUAAFsUYzk7LQUrHQg6BHUDMwhwa09iX3RrUSoFKW5GfB85MgMvH3BiUTMCKzxKfBpwYllpWGNhQXRcayZKa0o5IxY9UXx1By4YIW5GbFl+ZEdsXHlqQ25e dinterperson.xyz/	0 259 B	143ms 119ms	Image text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dinterperson.xyz/bE1Td1pDcjAEZyF9OyE+AQAfETciAgUAAFsUYzk7LQUrHQg6BHUDMwhwa09iX3RrUSoFKW5GfB85MgMvH3BiUTMCKzxKfBpwYllpWGNhQXRcayZKa0o5IxY9UXx1By4YIW5GbFl+ZEdsXHlqQ25e Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tw9UlNY1A3API4d1OAm82Ah9BnKvlituWNhy1JwDntjL%2BqdY85%2Flj42vSFipqPJSioR4EMkkJj%2F446z8zrPzewwfrV5xG9PG5d7fs9xpXaSYxFRQQkA2eJ8nqRyfPr%2BoR1A%2Fds7rnfbKieBTn8i9"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa795de0996f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	112ms 91ms	Image text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/v3/signin/identifier?dsh=S-1257753687%3A1653706049542530&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSign...	0 0	90ms 61ms	Image text/html	2a00:1450:4001:810::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S-1257753687%3A1653706049542530&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcy8pdosAeJuaN8wvNINHyfGiZwCgY9StP5MBrc08pyDoT-6mzQ4DUaaQwTiWsasdhEouZuvJA Protocol H3 Server 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 520 x-xss-protection 1; mode=block pragma no-cache server GSE date Sat, 28 May 2022 02:47:29 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S-1257753687%3A1653706049542530&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcy8pdosAeJuaN8wvNINHyfGiZwCgY9StP5MBrc08pyDoT-6mzQ4DUaaQwTiWsasdhEouZuvJA cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'nonce-Z-6jt9WmuhB4yAYkwrvVZg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/v3/signin/identifier?dsh=S1594513259%3A1653706049582824&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteS...	0 0	212ms 211ms	Image text/html	2a00:1450:4001:810::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S1594513259%3A1653706049582824&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwhrgpiNju8eY1Z5R_YJxUyHPbvox3VqYiYe008Igduz2yqd_uTXbkbjO0gNRa1irVJUenuZQ Protocol H3 Server 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 523 x-xss-protection 1; mode=block pragma no-cache server GSE date Sat, 28 May 2022 02:47:29 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S1594513259%3A1653706049582824&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AU9NCcwhrgpiNju8eY1Z5R_YJxUyHPbvox3VqYiYe008Igduz2yqd_uTXbkbjO0gNRa1irVJUenuZQ cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'nonce--OuLIXVHJn2ZL_OjaO5RqQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	bjdweEtBCBMLdg9ZJi0dOFsWKnkoXxJJcipuQgAsOXIIExE5B1YMIgoKSEByWQFGXjsHU01JbR1DEQw+HQpBXiIAUR9FbRgKQVZ4WhlCTmVeEQVFekhDABksUwZWCD8aW01JfVsER0h9XgNJTH5e dinterperson.xyz/	0 492 B	124ms 101ms	Image text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dinterperson.xyz/bjdweEtBCBMLdg9ZJi0dOFsWKnkoXxJJcipuQgAsOXIIExE5B1YMIgoKSEByWQFGXjsHU01JbR1DEQw+HQpBXiIAUR9FbRgKQVZ4WhlCTmVeEQVFekhDABksUwZWCD8aW01JfVsER0h9XgNJTH5e Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHMJ3X3scMRC2QbWH5TN2GW1jByWNLVmOmFFI8xmYydB7lreCJBkh4A19ejThGZXHG0TVlTeMQB8%2BAN6s9xEfZ4Rj4h9ZwtWqvazWhVXcmoWRRCimNzAvxA8OxfDxylRs5SGk%2FqzreOBThe6PIH6"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa795de3996f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	YzBWSG1MDzU7UAdbED43NXYQLDsHUwx4I1ZmZxoGMQMMKTg0ZXA8BAcNb3pfUQVlbh0KVGt5SxBENzwYEA1nbgQNVjl1SxUNZ2ZeVx5kfkNTFiN1XEVEJikKXgFwOBkXXGt5W1YDYXhbUwRvfFhb dinterperson.xyz/	0 263 B	131ms 108ms	Image text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dinterperson.xyz/YzBWSG1MDzU7UAdbED43NXYQLDsHUwx4I1ZmZxoGMQMMKTg0ZXA8BAcNb3pfUQVlbh0KVGt5SxBENzwYEA1nbgQNVjl1SxUNZ2ZeVx5kfkNTFiN1XEVEJikKXgFwOBkXXGt5W1YDYXhbUwRvfFhb Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arrbNb2P7iM5uJo0ZN%2B7GdXf1RjA5%2BIA1mxcK3NZxoCSXPk9T50srzK3OQebVv3HlsuXyDMezjTBxchqTdjXvNGWzYtuV%2F%2BaFwRnFcPeVWIpBeUkUEsnD%2FsTxDVPof%2FGQooAuROItyTVa%2F2IA7sb"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa795de4996f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	bFZgfWBmV2B4Z2hTYHs dinterperson.xyz/U1FnVkh8bgQldR0VJmcsFCIiFQkJFjAHARkTV2cbFwA+ExkFPkEiITdsX29+YmhfcDg6NVpncHUiEzc8JiJaZ246PwE5dXUnWmdmY39WeHh1JFpnbichBjF1YncXIjw/	0 258 B	128ms 106ms	Image text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dinterperson.xyz/U1FnVkh8bgQldR0VJmcsFCIiFQkJFjAHARkTV2cbFwA+ExkFPkEiITdsX29+YmhfcDg6NVpncHUiEzc8JiJaZ246PwE5dXUnWmdmY39WeHh1JFpnbichBjF1YncXIjw/bFZgfWBmV2B4Z2hTYHs Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jr0IJOkfRlMSHW6PP23xCM%2FtV7t7gU231LB35YUSq1HOilneNdAKW7lgfBqgdFpzZDnKpMn9QoVIWmzZ0EDo9w9ZG7FkIeBpdmE8Zn0bp2HYvwAVGKfQkamX8dM5WjvEhJMkrRfKBWVCMAwGO%2FQ"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa795de6996f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	Primary Request / Show response mobilesafe.shop/file.php/	19 KB 6 KB	501ms 165ms	Document text/html	66.29.132.14 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium197-2.web-hosting.com Software LiteSpeed / Resource Hash 7d604e926fd65df8482b6ba313c83566868e762d9340cd85d7e12a46bc996a95 Request headers Referer https://www.file-upload.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers content-encoding br content-length 5971 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:47:29 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
POST H3	204	cmJpZTddXQoWCiM1OyltJjAQMH88ASgLZREBWDR1ESQnQAUwNzgkEQYLDVgOQFBbUARUEgABCkNEGhFWBhcaWARCUlhDXhwEBlgHQlJYQ0FPU0dWA1xQX0sHVBdUVA9AV15TAEBTXFAHS1tRXREGEggCCkNEGRFDHl9YUwJBVVlTB0ZbUVcF dinterperson.xyz/	0 508 B	120ms 102ms	Ping text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dinterperson.xyz/cmJpZTddXQoWCiM1OyltJjAQMH88ASgLZREBWDR1ESQnQAUwNzgkEQYLDVgOQFBbUARUEgABCkNEGhFWBhcaWARCUlhDXhwEBlgHQlJYQ0FPU0dWA1xQX0sHVBdUVA9AV15TAEBTXFAHS1tRXREGEggCCkNEGRFDHl9YUwJBVVlTB0ZbUVcF Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aGOF78LKkO4GIAOQWeXE9L802T%2BG32nu0dZRbC5VTXXSKloGpMXxrrFAy6m6Qkpu7ohnHRoU7U2Yk8OkfoVdaPjNPB6QTPiOKbXWoQ8ixDtd5NFZU3VAGkw9%2Bb4VvsgujYKpIJlc%2BrPv7GQfVuF"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa7b891b9ba0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	VF96UHVVX39Xe11bew dinterperson.xyz/ZWlPY0JKViwQfwACOxoPVAEMBRc0JS0me1E7DjkqNjF2JgMiAmkXKwFUd1t6VlB3RTIMDXJSZBYdLhc3FlR8U3JUTyYNJApUf1NyVE85XnNLWntNcFNHf0U3WFh3UXdSX3hRc1Bcf1p7XVFpFzIEDnJSZBUdOw9/	0 474 B	128ms 112ms	Ping text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dinterperson.xyz/ZWlPY0JKViwQfwACOxoPVAEMBRc0JS0me1E7DjkqNjF2JgMiAmkXKwFUd1t6VlB3RTIMDXJSZBYdLhc3FlR8U3JUTyYNJApUf1NyVE85XnNLWntNcFNHf0U3WFh3UXdSX3hRc1Bcf1p7XVFpFzIEDnJSZBUdOw9/VF96UHVVX39Xe11bew Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=888398 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSo23cIZWI7RE28jtm9hxuoAG%2BVR%2BjdlTtdWI7329oW%2BYPuhSYTl8d2IPJscAIDjwUruR18oNuC%2F5C3aHvgNDsl4QS2eyYLniPTYrWIMvn8h3qLNbuT8VI67UPiSfTM1sA%2FfUyZ7%2FP404jUL7AKh"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7123aa7b891e9ba0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	up.js Show response live.demand.supply/	4 KB 3 KB	101ms 77ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a4c25bcbb364ce3bb9ead3cf0392dc53f4a0e63aad1a0a0558880414cc76a2e Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3GPQ17JK5BF4746ECW2S8RN date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT age 419 cf-polished origSize=3935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * cf-bgj minify server cloudflare etag W/"494845b5e1573e696774a390a39e22e4-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 7123aa7c9e5e9a2f-FRA link <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw==>; rel=preload; as=script
GET H2	200	js Show response www.googletagmanager.com/gtag/	100 KB 39 KB	65ms 25ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-126662314-1 Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 25410b6356daa907ad89631faa264041ce20de666efb3cb71af591e3fbdd343c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39566 x-xss-protection 0 last-modified Sat, 28 May 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	app.css www.file-upload.com/mngez/css/	247 KB 42 KB	24ms 22ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/css/app.css?v=1 Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2267221 cf-polished origSize=253169 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 May 2019 07:43:34 GMT server cloudflare etag W/"3dcf1-5885b7da20d88" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ou9d8TGwKqX1njyHRy5Na3sbfDowkKQ%2FKtYU71%2FBD%2FvwnvuYe8ta8MLHmfve3mTvq4HQ58s1EtnrawXYI8hSIEb7DgvTAWvwsVaHu8x2q9vlKkSmJ4NvxifytzeqZJZTLJfHL6Gl"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * expires Mon, 02 May 2022 21:00:28 GMT cache-control public, max-age=31536000 cf-ray 7123aa7c6e5f9153-FRA cf-bgj minify
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	289 KB 82 KB	24ms 14ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6 Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c1e57e3de70c1b82b3194e07a17d8660c19f376d463f9250b263e398e42f6c4b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://mobilesafe.shop/ Origin https://mobilesafe.shop accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 QxZn4Kk2cZqgwdy+LMr48Q== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Sat, 27 May 2023 04:18:01 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 84257 x-fb-rlafr 0 x-fb-debug 9OR4woS0PTOEwODan7VgB/pCi2l2HvUU1bYPXodtmrTTdArTDZl+X413kjsfybZJ9cBbURbL5pQH8THrwNxp1Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 13d0e09f6da571be7371995b009dbeb0 cross-origin-opener-policy same-origin-allow-popups date Sat, 28 May 2022 02:47:30 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "a98b766c0cf9d9d86ac9c322b986cf53" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	41ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 011215a968074cd59e40d2c863e97d0e716b33f112911875150de317831c1029 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 yJQ7GVR12HkteVKx+8aOlA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1685 x-fb-rlafr 0 x-fb-debug k5XFv+H2hH81DIKv7LisIEpMf9PgjleGOVG9t/Ddlfd1H3JvsM8BWy/FiPPnw4w3XO8bYgtt9Fueq8GtvnThKA== x-fb-trip-id 686109401 x-fb-content-md5 d5fbcd4977a42d34cd834d8a5fbb5af4 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "dbd5866c08c95b0e6a9a04ac8fec8231" timing-allow-origin * expires Sat, 28 May 2022 02:59:38 GMT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	52ms 13ms	Script text/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6996 date Sat, 28 May 2022 00:50:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Sat, 28 May 2022 02:50:54 GMT
GET H/1.1	200 OK	atrk.js Show response certify-js.alexametrics.com/	4 KB 2 KB	31ms 7ms	Script application/javascript	99.86.4.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://certify-js.alexametrics.com/atrk.js Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.4.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-90.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Fri, 11 Mar 2022 09:39:01 GMT Content-Encoding gzip Connection keep-alive Last-Modified Tue, 27 Apr 2021 18:03:54 GMT Server AmazonS3 Age 6714509 ETag W/"d89453438fbf10dcf4c13265c40d5160" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront) Cache-Control max-age=26920000 Transfer-Encoding chunked X-Amz-Cf-Pop FRA6-C1 X-Amz-Cf-Id 8I-QlLHNRWb_ASUgeEa0uyNDe5HGLLnz_r7vGCEiSu1PO_ahLZmHsg==
GET H3	200	app.js Show response www.file-upload.com/mngez/js/	235 KB 80 KB	66ms 65ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/js/app.js?v=20 Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status BYPASS last-modified Wed, 27 Jan 2021 00:19:59 GMT server cloudflare etag W/"3aa0d-5b9d6bb49011b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache HIT from Backend content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrw2xEdwGo5zm0CZEXvI8Mgc4TH%2Fo84Mhmh7AbgLCSegTAjb8Wg44Z5gFK27W8KI%2BwpBq7hwiUT9HZYdOhKMIyAgGmgr56NwYT%2F3UU1TiA0WMXBxKsoddd2EfrqXvPG50rpmdOTc"}],"group":"cf-nel","max_age":604800} cache-control max-age=2692000, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7123aa7c6e629153-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo_new.png www.file-upload.com/assets/images/	3 KB 4 KB	14ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/assets/images/logo_new.png Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611739 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:00:31 GMT server cloudflare etag W/"c8f-57a3a191435c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKW9GYaEzwYyu8kvx97Tj3SsreUp0r4ySYxRzvnd7elPzUIUAoRAYfEmWgv5uLg2%2Fbu2jmxcAX7fcdDmYZZSOQQDn6EAq0hgnMdvGVbYRg5kzkh5%2BCADZhJu3A8ksVhLInA00i%2BL"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa7d0f6e9153-FRA expires Tue, 01 Feb 2022 07:05:11 GMT
GET H3	200	anti1.png www.file-upload.com/mngez/images/	19 KB 19 KB	14ms 14ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/anti1.png Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611734 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 28 Dec 2018 22:57:30 GMT server cloudflare etag W/"4aae-57e1cfcdbca80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVpBEbGOqq0ZK0gI%2BlRRTkeBDGG%2BbZ6K3LjuHmKpchZrxhCYdAqk2qO54qXpG%2BEQ4z75Gd%2BgsEVhPRybdgmep8gFQ3jWLxVnKJkcY5koFc%2FF%2F9pzQw0KwVnS1flePrFPROUGdhJX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa7d0f719153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H3	200	anti2.png www.file-upload.com/mngez/images/	641 B 1 KB	15ms 14ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/anti2.png Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611734 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 641 last-modified Fri, 28 Dec 2018 22:56:11 GMT server cloudflare etag "281-57e1cf82658c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XY1lBS3AseiZwfd4c53THN0Tbt8jdkiXMnKt0YGRrUBZgLLKAlemTJ3Ol08TxZ%2BwY7CTz2uxbNOnZHIBxhZBjSlCJ40AaRETvidoFoLGVnUH%2F5ykxXAdJA3KhvFJekmW3I48uMd"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7123aa7d0f729153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H2	200	_dmca_premi_badge_4.png images.dmca.com/Badges/	4 KB 5 KB	7ms 7ms	Image image/png	151.139.242.29 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766 Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.242.29 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software nginx / ASP.NET Resource Hash 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT last-modified Thu, 02 Jun 2011 03:26:26 GMT server nginx x-powered-by ASP.NET etag "0abbdbd420cc1:0" x-cache HIT content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes link <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical" content-length 4535 expires Mon, 27 Jun 2022 02:46:56 GMT
GET H3	200	norton.png www.file-upload.com/assets/images/	5 KB 5 KB	14ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/assets/images/norton.png Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/file.php/?get=https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10611734 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:00:31 GMT server cloudflare etag W/"1363-57a3a191435c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68UnMuqLghTgXVGGvn27hVJ7uU56nhjtZbM8q2Ci9YjgbNQHGkS%2BCGRrIAl6zLiADIbHBI%2FbPCSWkOIKKylGqM3Yp3q%2FrivNPvoknuBIvHC4iZs1HvMwaLdNahhH4DhmiqMpXjs3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa7d0f749153-FRA expires Tue, 01 Feb 2022 07:05:16 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	294 KB 84 KB	17ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=bf9a64293e676cbaae2daf143ac180a1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 94ebf24e6b2b935e0885ad3454b4d85f1a460b96f38adbac75943008d94da563 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://mobilesafe.shop/ Origin https://mobilesafe.shop accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 OQpt18O/C1qPZJ0lcWlclA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85708 x-fb-rlafr 0 x-fb-debug M7WdqXBc+JbrOElOu6cLMdbGFl4CuJlPxs7uBAVvHOn4b0mpXhDQ6CA04LDILD7Dlb0ff5VUb412U2DOyrmXjw== x-fb-content-md5 4b09c21d0808800d3604a5b8126ec2f1 x-frame-options DENY date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "fb8406e2ce0f9ef70aad6ee1366ae0ee" timing-allow-origin * priority u=3,i expires Sun, 28 May 2023 01:29:10 GMT
GET H3	200	flags.png www.file-upload.com/mngez/images/	15 KB 15 KB	13ms 13ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file-upload.com/mngez/css/app.css?v=1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8840575 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag W/"3aae-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBFmllJLm36MsSwtsPSakq8CQzFrxzw%2ByBWPnpy7Bxw%2Bs%2FRtGpzo%2B2omB5%2B0B1tDpq1jhsQek%2B%2FFVcy0chgxNfUfSuk%2FzXZvfhwNshjE9iOyLiAUtfwfUchiAIMFgDAp0jNDDSDX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 cf-ray 7123aa7d0f7d9153-FRA expires Mon, 21 Feb 2022 19:04:35 GMT
GET		poppins-v5-latin-500.woff2 www.file-upload.com/mngez/fonts/	0 0
GET		poppins-v5-latin-regular.woff2 www.file-upload.com/mngez/fonts/	0 0
GET		fontawesome-webfont.woff2 www.file-upload.com/mngez/fonts/vendor/font-awesome/	0 0
GET H3	200	impl.v15.0.0.js Show response live.demand.supply/	77 KB 25 KB	30ms 21ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v15.0.0.js Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3GPPYJ7DTVFG43BZ1A6MNXB date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT age 656690 cf-polished origSize=79512 cf-ray 7123aa7d1c5a9a24-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin *
GET H3	200	bW9iaWxlc2FmZS5zaG9wLw== Show response live.demand.supply/p4/v14-3-0/	2 KB 990 B	56ms 46ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v14-3-0/bW9iaWxlc2FmZS5zaG9wLw== Requested by Host: mobilesafe.shop URL: https://mobilesafe.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47fc2aaa0e149108bb772913151807fcefa62caa151cc56e69e873e818dcfe08 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7123aa7d1c599a24-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	53ms 14ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-126662314-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1702 date Sat, 28 May 2022 02:19:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 28 May 2022 04:19:08 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 400 B	25ms 15ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=103&cs=c&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7d3e499b3d-FRA
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	160 KB 55 KB	72ms 37ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1b48ba758837ace2a3c2b67787a3850bb555cb333e0a90796e437b29518a1c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56220 x-xss-protection 0 server cafe etag 1692913991101087508 vary Accept-Encoding, Origin content-type text/javascript; charset=ISO-8859-1 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 28 May 2022 02:47:30 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	82 KB 82 KB	81ms 26ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 81e1cfa3d7d84ee85ec93158371e929dbc067311b76d83a053d4f377f5608da1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe etag "1228 / 155 of 1000 / last-modified: 1653689052" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 83470 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	ds.2.html Show response live.demand.supply/	413 B 469 B	32ms 23ms	XHR text/html	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G40M30TYSE2AH66KGEGZ5QPP date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT server cloudflare timing-allow-origin * age 122542 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 7123aa7d3e4d9b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	fontawesome-webfont.woff www.file-upload.com/mngez/fonts/vendor/font-awesome/	96 KB 96 KB	14ms 14ms	Font application/font-woff	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07 Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://mobilesafe.shop accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 122542 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag W/"17ee8-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKnTd1hpKpL8tN%2B4sgh7alBzm8My3J6MbOkERmI0ZM%2FnERXwjj6ITgYaaP1QVrouHctIpNABNuzMzbgptjNQUV2RmSQh24Y0n9PWLqVR%2FpCMs8qRyoIvH7%2BiOIW3b%2BZVc3YVgRBy"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7123aa7d3d6c9c07-FRA
GET H3	200	poppins-v5-latin-regular.woff www.file-upload.com/mngez/fonts/	10 KB 11 KB	16ms 16ms	Font application/font-woff	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://mobilesafe.shop accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 122542 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag W/"28a0-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij0R3g%2Fog5SgmrTqm%2BnkD1nnCdGc8k6nabma6wX8QSNovmrCwh7GKHEKS9QJ295TZEZmt6Xg5uZQFlx%2FPgP5Sghwfp3SgwgriIyY49MwBKMbAIzndUAbnsfsPzUNcDOWWhT0bJOf"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7123aa7d4d869c07-FRA
GET H3	200	poppins-v5-latin-500.woff www.file-upload.com/mngez/fonts/	10 KB 11 KB	16ms 16ms	Font application/font-woff	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95 Requested by Host: www.file-upload.com URL: https://www.file-upload.com/mngez/css/app.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983 Request headers Referer https://www.file-upload.com/mngez/css/app.css?v=1 Origin https://mobilesafe.shop accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 122542 x-cache HIT from Backend alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 09 Nov 2018 12:02:27 GMT server cloudflare etag W/"28b4-57a3a1ffe3ac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbgMWd3xIFw%2Fo7dMODQyu16M%2FGMzsPGxG%2BbR3VpMeAbVme6ea%2Fl7B6gYeBNpoYkemcw1yN98sUofQaVq%2BmdNlWL9AQzF6YISTDSa4%2B%2B1LFUhZUAT4thhm2sg05Ln%2BPwUt44xxDrU"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7123aa7d4d879c07-FRA
HEAD H3	200	e.js Show response live.demand.supply/x/	0 363 B	13ms 13ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3RM2K0M5B9CQWKE2FDTDA8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7d6ea09b3d-FRA
GET H3	200	mobilesafe.shop_auto_interstitial_desktop Show response live.demand.supply/cpi/	25 B 253 B	150ms 150ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cpi/mobilesafe.shop_auto_interstitial_desktop?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0a34e538cf2787905eefed5f6029bc659febecf7f4fdddd42ae76d2570f3b36 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7123aa7d7eb49b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 25
GET H3	200	sdb.css live.demand.supply/css/	4 KB 2 KB	14ms 14ms	Stylesheet text/css	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/css/sdb.css Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01FYNHR9AV6B50KEQQBHX0GPK5 date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 1451298 etag W/"ec00ccc2678f0bda8ad9a0a421a8790a-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 7123aa7d7cb99a24-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	mobilesafe.shop_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	28 B 256 B	266ms 266ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/mobilesafe.shop_auto_728x90_sticky_display_bottom?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29140ac5ff8abb0490dd46ff2b018ff1cf1c12ef76189a338b3172c96b020134 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7123aa7d7eb79b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 28
GET H2	200	mobilesafe.shop_fluid_lb+sq_sqle Show response api.demand.supply/v14-3-0/a/	319 B 570 B	38ms 21ms	XHR application/json	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v14-3-0/a/mobilesafe.shop_fluid_lb+sq_sqle?&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c5f78fe8666aca23d1081848a3c6f4862e5e4804bb000b57f45cf4eac46bbc3 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding br cf-cache-status HIT server cloudflare age 3449 etag W/"13f-8wTKNPCZg8JqdQt52K50FvCcRVw" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7123aa7d9da092b9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	mobilesafe.shop_fluid_sq_square Show response live.demand.supply/cp/	27 B 255 B	299ms 299ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_square?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46c201a7855b546e1d1867e48d8e9b691deadd150249f022a7761c7a526edea6 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7123aa7d7eba9b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27
GET H3	200	mobilesafe.shop_fluid_sq_sq Show response live.demand.supply/cp/	28 B 256 B	268ms 268ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/mobilesafe.shop_fluid_sq_sq?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29140ac5ff8abb0490dd46ff2b018ff1cf1c12ef76189a338b3172c96b020134 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7123aa7d7ebb9b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 28
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	49ms 20ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1080394776&t=pageview&_s=1&dl=https%3A%2F%2Fmobilesafe.shop%2F&dr=https%3A%2F%2Fwww.file-upload.com%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1180877957&gjid=1001142139&cid=227461871.1653706050&tid=UA-126662314-1&_gid=1106794244.1653706050&_r=1&gtm=2ou5p1&z=589529462 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mobilesafe.shop/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-Type text/plain Response headers pragma no-cache date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mobilesafe.shop cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	mobilesafe.shop_fluid_lb+sq_sqle Show response live.demand.supply/cp/	27 B 255 B	305ms 304ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/mobilesafe.shop_fluid_lb+sq_sqle?mlcu=null&mlos=ot&mlbr=ot&mlla=en&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0854051280a3150d292867b602f37bd22bc38419f49eace29f36885b66e62f0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7123aa7dbf019b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 29B2	10 KB 5 KB	48ms 14ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 19266 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4402 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 27 May 2022 21:26:24 GMT etag 1327746537699501093 expires Fri, 10 Jun 2022 21:26:24 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_2022052401.js Show response securepubads.g.doubleclick.net/gpt/	365 KB 124 KB	43ms 15ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 21:32:09 GMT content-encoding gzip x-content-type-options nosniff age 18921 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126668 x-xss-protection 0 last-modified Tue, 24 May 2022 08:38:19 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 27 May 2023 21:32:09 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	122 B 121 B	52ms 25ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobilesafe.shop Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 62ba241369fb74e847f72e4b8cd82d85ac31cc4041687e59580dba6b73476a77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=ISO-8859-1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 96 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	53ms 52ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_interstitial_desktop&pdc=2.139464855194092&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7e783f9b3d-FRA
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 795 B	70ms 23ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=mobilesafe.shop Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=ISO-8859-1 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 552 B	56ms 23ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=mobilesafe.shop Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=ISO-8859-1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	138 KB 45 KB	322ms 321ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=364745092709711&correlator=2857686084503871&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C50fc0f43-4725-4777-97b5-d130f3f3f36a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1116909576&sfv=1-0-38&ecs=20220528&ists=1&fas=8&fsapi=false&prev_scp=ti%3D69241749-aa15-4370-883d-c398d2c3738f%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706050359&lmt=1653706050&dlt=1653706049978&idt=359&biw=1600&bih=1200&ucis=1&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ea=0&ga_vid=227461871.1653706050&ga_sid=1653706050&ga_hid=1080394776&ga_fc=true&btvi=-1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ec4917e910396e0bff9f8bb2800b55d52026b9b583e60bf6775a1e06b98239e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46330 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://mobilesafe.shop cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2966	6 KB 6 KB	101ms 21ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads_2022052401.js Show response securepubads.g.doubleclick.net/gpt/	36 KB 13 KB	13ms 13ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052401.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 4e7790c3dd31876e64337d4bf7d6a6779e4b48283b81ece6fbfad607e980977e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 15:14:35 GMT content-encoding gzip x-content-type-options nosniff age 300775 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13354 x-xss-protection 0 last-modified Tue, 24 May 2022 08:38:19 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 24 May 2023 15:14:35 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	13ms 12ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=mobilesafe.shop_auto_728x90_sticky_display_bottom&pdc=0.007148750126361847&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7f29309b3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	77 KB 30 KB	269ms 269ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=364745092709711&correlator=3907660384752143&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cf152fd0a-aa6a-4efa-8db4-3b15697ae52b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3551285455&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3D69241749-aa15-4370-883d-c398d2c3738f%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706050426&lmt=1653706050&dlt=1653706049978&idt=359&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ea=0&ga_vid=227461871.1653706050&ga_sid=1653706050&ga_hid=1080394776&ga_fc=true&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 6fb9d08ffdfa3cfd223e603cf961133a33ac4bec0c24177bfdf9214bf2e99d1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31085 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://mobilesafe.shop cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	15ms 15ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_sq&pdc=0.007148750126361847&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7f394a9b3d-FRA
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	84ms 33ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=mobilesafe.shop Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=ISO-8859-1 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	54ms 24ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=mobilesafe.shop Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=ISO-8859-1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	68 KB 28 KB	334ms 334ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=364745092709711&correlator=3406296930843974&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Cecc5ff8d-fb57-40bd-ae7c-b9ab38ef0b20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=3690871513&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3D69241749-aa15-4370-883d-c398d2c3738f%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706050444&lmt=1653706050&dlt=1653706049978&idt=359&biw=1600&bih=1200&adxs=245&adys=847&ucis=3&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=227461871.1653706050&ga_sid=1653706050&ga_hid=1080394776&ga_fc=true&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 146981b20d8b8b718ab8e3406fe526a6ab80c165e2607b8a24a5b38bbe138da5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28984 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://mobilesafe.shop cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	16ms 16ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_sq_square&pdc=0.05004125088453293&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7f59859b3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	88 KB 33 KB	301ms 301ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=364745092709711&correlator=1326220557174409&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2C41035550-e6ce-4a9a-affa-92417da35c2f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=3637477135&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3D69241749-aa15-4370-883d-c398d2c3738f%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706050460&lmt=1653706050&dlt=1653706049978&idt=359&biw=1600&bih=1200&adxs=245&adys=231&ucis=4&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x296&msz=1110x296&fws=0&ohw=0&ea=0&ga_vid=227461871.1653706050&ga_sid=1653706050&ga_hid=1080394776&ga_fc=true&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 16e1d02a9d8d02e8f25988a50216cc1842d37c59881b62da325fd39a89f098d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33906 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://mobilesafe.shop cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	13ms 13ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=mobilesafe.shop_fluid_lb%2Bsq_sqle&pdc=0.08578500151634216&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa7fa9fb9b3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	67 KB 28 KB	245ms 244ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=364745092709711&correlator=766150546137345&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fif&iu_parts=44890869%3A22739258693%2Cca-pub-3831894559014614-tag%2Ca7af7edd-b578-4dc7-951f-775bbd5420fd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=1517400100&sfv=1-0-38&ecs=20220528&fsapi=false&prev_scp=ti%3D69241749-aa15-4370-883d-c398d2c3738f%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1653706050528&lmt=1653706050&dlt=1653706049978&idt=359&biw=1600&bih=1200&adxs=245&adys=691&ucis=5&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmobilesafe.shop%2F&ref=https%3A%2F%2Fwww.file-upload.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x116&msz=1110x116&fws=0&ohw=0&ea=0&ga_vid=227461871.1653706050&ga_sid=1653706050&ga_hid=1080394776&ga_fc=true&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3635c44162d7f93b4791c29b9e8226e076a890566f739ade5e9ac523b2e02f85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28812 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://mobilesafe.shop cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	58ms 28ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052401&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dbe2c52f69a6529bdf835abae5945cee494079f0927ad82d0bf2b10144f0ad42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers timing-allow-origin * date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=ISO-8859-1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10255 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 17 KB	71ms 30ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17314 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	41 KB 12 KB	52ms 17ms	Script text/javascript	46.105.202.126 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.202.126 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:24:37 GMT content-encoding br x-cacheable Matched cache x-cdn-pop-ip 51.254.41.128/25 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/javascript;charset=utf-8 cache-control max-age=3600 x-cdn-pop rbx1 content-disposition attachment;filename="esp.js" strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes content-length 11458 x-request-id 798327039
GET H3	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 08C7	6 KB 6 KB	43ms 15ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	19ms 19ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.97&b=2&r=mobilesafe.shop_auto_interstitial_desktop&sy=8fb6a26d-6bda-4bc6-b369-6f099fd13c06&ts=93&cd=2&pud=103&pus=c&pue=616&pid=38&pis=c&pie=656&ppd=57&pps=a&ppe=675&pad=92&pas=c&pae=730&pcl=641&ttc=684&tti=1275&ttif=0&lca=675&lcak=ppe&lct=730&lctk=pae&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=69241749-aa15-4370-883d-c398d2c3738f&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa812bd59b3d-FRA
GET H3	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4553	6 KB 6 KB	26ms 13ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated /	182 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	834 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Content-Type image/svg+xml
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	16ms 16ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_auto_728x90_sticky_display_bottom&sy=8fb6a26d-6bda-4bc6-b369-6f099fd13c06&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=69241749-aa15-4370-883d-c398d2c3738f&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa813bef9b3d-FRA
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame D234	13 KB 5 KB	42ms 13ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 32347 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 27 May 2022 17:48:23 GMT expires Sat, 27 May 2023 17:48:23 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 052C	783 B 1 KB	60ms 24ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1caa5cce52c2e8afbccbca9109dce347642d8e50046f700a14744bee2c95326e Security Headers Name Value Content-Security-Policy script-src 'nonce-akT964pTaAmUqXNtC9UCUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'nonce-akT964pTaAmUqXNtC9UCUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sat, 28 May 2022 02:47:30 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F634	6 KB 6 KB	13ms 13ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	13ms 13ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_square&sy=8fb6a26d-6bda-4bc6-b369-6f099fd13c06&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=69241749-aa15-4370-883d-c398d2c3738f&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa815c109b3d-FRA
GET H3	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE70	6 KB 6 KB	13ms 13ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	13ms 12ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_sq_sq&sy=8fb6a26d-6bda-4bc6-b369-6f099fd13c06&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=69241749-aa15-4370-883d-c398d2c3738f&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa818c519b3d-FRA
GET H2	200	css fonts.googleapis.com/ Frame 4553	557 B 703 B	71ms 24ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	load_preloaded_resource.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 4553	2 KB 1 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 01:02:57 GMT content-encoding gzip x-content-type-options nosniff age 6273 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1202 x-xss-protection 0 server cafe etag 10137335727447750368 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 01:02:57 GMT
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 4553	27 KB 10 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:26:18 GMT content-encoding gzip x-content-type-options nosniff age 8472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10525 x-xss-protection 0 server cafe etag 5993959114622819781 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:26:18 GMT
GET H3	404	icon.png 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 4553	2 KB 2 KB	21ms 20ms	Image text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1593 x-xss-protection 0
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 4553	3 KB 1 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:25:40 GMT content-encoding gzip x-content-type-options nosniff age 1310 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1431 x-xss-protection 0 server cafe etag 17826921741551292351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 02:25:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4553	136 KB 137 KB	59ms 23ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653478767633683" content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139527 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 4553	25 KB 10 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:57:07 GMT content-encoding gzip x-content-type-options nosniff age 6623 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9828 x-xss-protection 0 server cafe etag 7999166876618491223 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:57:07 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4553	0 0	22ms 21ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0CBEEGw022gRM8bWS1nlmEFuRjUxWG3zYdjGKxJroZxBAxBCIkLKQd2-ynmxQ2_RqkkQpMKSoJe1ieLOZW-ZaSA3Atw Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H2	200	52aaa6df04c706d5b7adf14d1c58f00f.js Show response www.gstatic.com/mysidia/ Frame 4553	39 KB 15 KB	48ms 13ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/52aaa6df04c706d5b7adf14d1c58f00f.js?tag=mysidia_one_click_handler_one_afma Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55d6e42bbbe7490d3212a9f3007d1f50887331885c471ade766f5e84d897912b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Mon, 23 May 2022 09:38:26 GMT content-encoding gzip x-content-type-options nosniff age 407344 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15216 x-xss-protection 0 last-modified Thu, 12 May 2022 07:58:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 21 Aug 2022 09:38:26 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4553	0 0	52ms 52ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch86KQo2RYsmAHfGm9u8Pq4id2AmciMqHYriu39TTDdLA3PvaJBABIJWbyiFglaqggrAHoAG84Z30A8gBAakCE5AHDFACsj7gAgCoAwHIA8sEqgT6AU_QXPCTxddh5kHbmcRNvEsqmk7Rldg4xjWwIKiFfKD87etgRdK08zvR09hds0gW-LBPRNOISByGrANdasjpPbu5r182l3if0m8V9ez_DUsn0nnz3uUy1ZfV3yAbKm72m1DYEeDe5o8BO01EIjkhNX1VT6wMKMb_iK-sBo7W5pKGjR-mthJO-VuxIQql-QMUnehCVWgUbVDGkYN-TDyC4I2I1ilIPn6l5h1Um8qMDjY3pS96Mk1t9ZcLdjKjUhX_971Cerx9lHTzatABiL7hhZsOyrP-UOHU4liZq_3GfxFFbIyw2jWLkHtQSV9sEcmvDslcvgYCK6rM5mnABI_lyt_IA-AEAYAHrJ7iC6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELmvE9IICQiI4YAQEAEYHYAKA8gLAdgTA4gUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=KEwBwOoIEk0&uach_m=[UACH] Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	container.html Show response 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6DD	6 KB 6 KB	13ms 13ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobilesafe.shop/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-length 6094 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:30 GMT expires Sun, 28 May 2023 02:47:30 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 364 B	50ms 50ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=mobilesafe.shop_fluid_lb%2Bsq_sqle&sy=8fb6a26d-6bda-4bc6-b369-6f099fd13c06&ts=93&cd=2&mlbr=ot&mlos=ot&mlla=en&mlco=us&mldo=mobilesafe.shop&mlre=www.file-upload.com&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=69241749-aa15-4370-883d-c398d2c3738f&e=lm&dsReferer=aHR0cHM6Ly9tb2JpbGVzYWZlLnNob3Av Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v15.0.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers x-nf-request-id 01G3Z8QB9PPTWAKFKFENA5YN8J date Sat, 28 May 2022 02:47:30 GMT cf-cache-status HIT age 122542 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ec09d72975fe89142c7d2feb1371ff57-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7123aa81cca09b3d-FRA
GET H2	200	css2 fonts.googleapis.com/ Frame 08C7	400 B 279 B	28ms 28ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H2	200	css fonts.googleapis.com/ Frame 79C5	557 B 351 B	23ms 23ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	load_preloaded_resource.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 79C5	2 KB 1 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 01:02:57 GMT content-encoding gzip x-content-type-options nosniff age 6273 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1202 x-xss-protection 0 server cafe etag 10137335727447750368 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 01:02:57 GMT
GET H3	404	icon.png 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame 79C5	2 KB 2 KB	21ms 21ms	Image text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1593 x-xss-protection 0
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 79C5	27 KB 10 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:26:18 GMT content-encoding gzip x-content-type-options nosniff age 8472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10525 x-xss-protection 0 server cafe etag 5993959114622819781 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:26:18 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 79C5	3 KB 1 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:25:40 GMT content-encoding gzip x-content-type-options nosniff age 1310 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1431 x-xss-protection 0 server cafe etag 17826921741551292351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 02:25:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 79C5	136 KB 136 KB	37ms 35ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653478767633683" content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139527 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 79C5	25 KB 10 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:57:07 GMT content-encoding gzip x-content-type-options nosniff age 6623 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9828 x-xss-protection 0 server cafe etag 7999166876618491223 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:57:07 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 79C5	0 0	56ms 24ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLPioxGcRg2fGoII7iXDOjeAC4oXvw-vE5-6fu5jy5rpqGDu7v8ZJXk0EZeHWSXraXi1J0f5G8tgt1ZQuNmXadPfOqPw Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	52aaa6df04c706d5b7adf14d1c58f00f.js Show response www.gstatic.com/mysidia/ Frame 79C5	39 KB 15 KB	49ms 20ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/52aaa6df04c706d5b7adf14d1c58f00f.js?tag=mysidia_one_click_handler_one_afma Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55d6e42bbbe7490d3212a9f3007d1f50887331885c471ade766f5e84d897912b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Mon, 23 May 2022 09:38:26 GMT content-encoding gzip x-content-type-options nosniff age 407344 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15216 x-xss-protection 0 last-modified Thu, 12 May 2022 07:58:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 21 Aug 2022 09:38:26 GMT
GET H3	200	interstitial_ad_frame.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 08C7	27 KB 11 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/interstitial_ad_frame.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6100369234d25286a631cd31a426c776e1a9c310721f488474968b46cb1f859f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 01:19:03 GMT content-encoding gzip x-content-type-options nosniff age 5307 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10882 x-xss-protection 0 server cafe etag 13468916648900861594 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 01:19:03 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 08C7	205 B 229 B	39ms 14ms	Image image/png	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 01:12:47 GMT x-content-type-options nosniff age 5683 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 28 May 2023 01:12:47 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 08C7	604 B 628 B	40ms 15ms	Image image/png	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:08:54 GMT x-content-type-options nosniff age 2316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 28 May 2023 02:08:54 GMT
GET H3	200	d8f5ca89484eef83e19bb4e1ee90e7f2.js Show response www.gstatic.com/mysidia/ Frame F634	16 KB 6 KB	39ms 18ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/d8f5ca89484eef83e19bb4e1ee90e7f2.js?tag=client_fast_engine Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 75434002a51df3da912b344773873f4aae7e6a3d5640e10194caca89b5053b38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 26 May 2022 00:41:11 GMT content-encoding gzip x-content-type-options nosniff age 180379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6207 x-xss-protection 0 last-modified Thu, 26 May 2022 00:03:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 24 Aug 2022 00:41:11 GMT
GET H3	200	c1c5f0899e793082fcced56446ba1648.js Show response www.gstatic.com/mysidia/ Frame F634	13 KB 5 KB	37ms 16ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/c1c5f0899e793082fcced56446ba1648.js?tag=text/vanilla_highlight Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca16353a4adc06c1d9e876c176e19b33a83a08823124055dc703a2f3401d4f3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 26 May 2022 01:17:12 GMT content-encoding gzip x-content-type-options nosniff age 178218 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5320 x-xss-protection 0 last-modified Thu, 26 May 2022 00:03:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 24 Aug 2022 01:17:12 GMT
GET H3	200	css fonts.googleapis.com/ Frame F634	557 B 301 B	53ms 23ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b1536b50082675a07ffcfc68cb4e399faf2091c7fe267a28e7a776229adb6ebd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	load_preloaded_resource.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F634	2 KB 1 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 01:02:57 GMT content-encoding gzip x-content-type-options nosniff age 6273 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1202 x-xss-protection 0 server cafe etag 10137335727447750368 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 01:02:57 GMT
GET H3	404	icon.png 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame F634	2 KB 2 KB	22ms 21ms	Image text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:31 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1593 x-xss-protection 0
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame F634	27 KB 10 KB	16ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:26:18 GMT content-encoding gzip x-content-type-options nosniff age 8472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10525 x-xss-protection 0 server cafe etag 5993959114622819781 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:26:18 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F634	3 KB 1 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:25:40 GMT content-encoding gzip x-content-type-options nosniff age 1311 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1431 x-xss-protection 0 server cafe etag 17826921741551292351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 02:25:40 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F634	136 KB 136 KB	58ms 26ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653478767633683" content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139527 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F634	25 KB 10 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:57:07 GMT content-encoding gzip x-content-type-options nosniff age 6623 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9828 x-xss-protection 0 server cafe etag 7999166876618491223 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:57:07 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame F634	0 0	22ms 21ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfNVb2zFZ3ZUKJ1yz9fuDVP6v-eoSMhU1UX-Eq1ZcyRvd0rHo6prVbqkhb8hqOyJv-N_WunczqCdyEPk97d7xCgV_Wgg Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	1387aee29eba15ac93df7e973bb6437e.js Show response www.gstatic.com/mysidia/ Frame F634	41 KB 16 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1387aee29eba15ac93df7e973bb6437e.js?tag=mysidia_one_click_handler_one_afma Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3bd12556f149270f4d482e9b8e5193945a23b3479d11c6f5679023b874a5715 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 26 May 2022 00:19:34 GMT content-encoding gzip x-content-type-options nosniff age 181677 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15914 x-xss-protection 0 last-modified Thu, 26 May 2022 00:03:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 24 Aug 2022 00:19:34 GMT
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 324 B	49ms 16ms	XHR text/plain	141.95.98.69 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.98.69 , France, ASN16276 (OVH, FR), Reverse DNS ns3216534.ip-141-95-98.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://mobilesafe.shop/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-Type text/plain Response headers access-control-allow-origin https://mobilesafe.shop date Sat, 28 May 2022 02:47:30 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin strict-transport-security max-age=63072000; includeSubDomains; preload
GET H3	404	icon.png 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame FE70	2 KB 2 KB	22ms 22ms	Image text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1593 x-xss-protection 0
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame FE70	27 KB 10 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:26:18 GMT content-encoding gzip x-content-type-options nosniff age 8472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10525 x-xss-protection 0 server cafe etag 5993959114622819781 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:26:18 GMT
GET H3	200	1855386630868992114 tpc.googlesyndication.com/simgad/ Frame FE70	105 KB 105 KB	19ms 17ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1855386630868992114?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnHUMiroIKq5lm5E-tTc9_O1qGFjw Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 178fd25a165892e41108f547a0386f1b4442262b632552a36d566bc43c442394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 26 May 2022 00:59:15 GMT x-content-type-options nosniff age 179295 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 107738 x-xss-protection 0 last-modified Tue, 24 May 2022 12:34:45 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 26 May 2023 00:59:15 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame FE70	3 KB 1 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:25:40 GMT content-encoding gzip x-content-type-options nosniff age 1310 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1431 x-xss-protection 0 server cafe etag 17826921741551292351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 02:25:40 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FE70	136 KB 136 KB	62ms 48ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653478767633683" content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139527 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame FE70	25 KB 10 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:57:07 GMT content-encoding gzip x-content-type-options nosniff age 6623 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9828 x-xss-protection 0 server cafe etag 7999166876618491223 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:57:07 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame FE70	0 0	24ms 23ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJ94zJ2nup22VX3P-EmypTzV_nGekbgW8rcdbXiWlRdglVOxXtnW8o3nGuxrn4Q5EIMJhhO0gP7PuNsWHN77tk7kwJ7A Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	one_click_handler_one_afma.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame FE70	41 KB 16 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 18:43:21 GMT content-encoding gzip x-content-type-options nosniff age 29049 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15882 x-xss-protection 0 server cafe etag 8219006489259720894 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 10 Jun 2022 18:43:21 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame FE70	0 0	59ms 57ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=ChX3XQo2RYrr-HbS4lQfhvKXQB_GOt6VqgarPgaYQ2dkeEAEglZvKIWCVqqCCsAegAZyv-6gCyAEC4AIAqAMByAPJBKoE8QFP0M1pH298W_kdw3eXOSp8J8JG9GLLpDFJ3P31gWhEhEtIunEUYTg6_2h6t53U19gK4zPLsSlld79rUrWxFQLJo-jaiKmesuqMKsVdwkSevzstkNPo4FbL_zG9g9ul34paiHPZRThNQxO9ZNV9oenfUXwekr5_BZkz7pReYwyFrdto-npWzNYuNuD7jI97yYOc0k0jSBI4SbS7oHm-I6fU0vsG-O5FV5T4jDg0cp1g6S_53uFMeCZyWIXm8jt8l0k0f_qY7By45gHkAddH1ElhMGYsGJNfVj8SItrlcB9J80-mTblYXrS-NOSkFbYGt2xlwAT-uNfH-QPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC_kwfSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=eC3MbD06KR4&uach_m=[UACH] Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	404	icon.png 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/ Frame F6DD	2 KB 2 KB	21ms 21ms	Image text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eece2e9afb2e8796c05712cc57637852842a74491ee005d734f202e834461dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1593 x-xss-protection 0
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame F6DD	27 KB 10 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:26:18 GMT content-encoding gzip x-content-type-options nosniff age 8472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10525 x-xss-protection 0 server cafe etag 5993959114622819781 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:26:18 GMT
GET H3	200	844159993411455591 tpc.googlesyndication.com/simgad/ Frame F6DD	119 KB 119 KB	24ms 24ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/844159993411455591?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnUDYaEr4HEHJpUPSs3RDjv0Ck9bQ Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dad5454966300966aa6ee40ab94d13354848959dad5d3ab322b64c0ded1f239f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 11:21:52 GMT x-content-type-options nosniff age 314738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 121963 x-xss-protection 0 last-modified Tue, 17 May 2022 10:52:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 24 May 2023 11:21:52 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F6DD	3 KB 1 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:25:40 GMT content-encoding gzip x-content-type-options nosniff age 1310 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1431 x-xss-protection 0 server cafe etag 17826921741551292351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 02:25:40 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F6DD	25 KB 10 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7ebebf46c359b22f6a2dba18f0168b375ea7129a9aa585b6e85f1d07a125ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 00:57:07 GMT content-encoding gzip x-content-type-options nosniff age 6623 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9828 x-xss-protection 0 server cafe etag 7999166876618491223 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Jun 2022 00:57:07 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame F6DD	0 0	22ms 21ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXGRXbSPBVl9k5mhTjb3cmuDEhNDTBajtvyw4_y33JbLFdm_gXECzk2n8kod9_qMUv-sTrAXgvqEMkM3Fa30fUexhFXg Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F6DD	136 KB 136 KB	63ms 57ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:30 GMT vary Accept-Encoding server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653478767633683" content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139527 x-xss-protection 0 expires Sat, 28 May 2022 02:47:30 GMT
GET H3	200	one_click_handler_one_afma.js Show response tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame F6DD	41 KB 16 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c33e7aa3c96038e24ed02013f610c9e91d3664dd88966e2373b983480b7bda9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 18:43:21 GMT content-encoding gzip x-content-type-options nosniff age 29049 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15882 x-xss-protection 0 server cafe etag 8219006489259720894 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 10 Jun 2022 18:43:21 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F6DD	0 0	57ms 56ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C7ShkQo2RYujvJM6U9u8P8ealyALxjrelatmkz4GmENnZHhABIJWbyiFglaqggrAHoAGcr_uoAsgBAuACAKgDAcgDyQSqBOsBT9AFhH5mdDGqpXt52EdhpIuNwzY2Vx-Gtm1LRO-HjBCRbmgTMc_vyvVJftuQ1QPxmG1pwNAMbYfy9nWAsuaZzrHvqJ0tK_2puesw6r6E_uAaRzPVPkqBdw6LPDJdC2rteis-2v9PhgDaPjSTC5V7wk8Hs0OY0Os9uQdC3VF7ggTxp-22pt2vPxSwgDMXrNamvaOlv1WLOjy_tXjai2WnMXBWCmzCiUKqF0FzFQnDvwjPrXvnXSuotLPbu9wcko6TjDBuNb-UBM-g5T1zQwhNKbvdvQLoR6derpVmTQ62YYOe7Q4NQffj5mdwfsAE_rjXx_kD4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxJcT0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=duHfAGir6qQ&uach_m=[UACH] Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 052C	0 0	109ms 80ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052401&jk=364745092709711&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame B782	143 B 163 B	46ms 15ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 1339 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:25:11 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7C45	143 B 163 B	43ms 14ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 1339 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:25:11 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response pagead2.googlesyndication.com/bg/ Frame D234	36 KB 14 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 14:03:01 GMT content-encoding br x-content-type-options nosniff age 45869 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13882 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 14:03:01 GMT
GET H2	200	4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf fonts.gstatic.com/s/googlesans/v44/ Frame 4553	44 KB 23 KB	63ms 14ms	Font font/ttf	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 074c7945755818cd49e9ae374a5b152cbe2531fc772f9f86d487582d444ff729 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 22:57:43 GMT content-encoding gzip x-content-type-options nosniff age 272988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22443 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:14:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 May 2023 22:57:43 GMT
GET H2	200	4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf fonts.gstatic.com/s/googlesans/v44/ Frame 4553	44 KB 23 KB	75ms 26ms	Font font/ttf	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ef06cef118aebe8b298f181787352fdf1cee7a18716c249aabf40d0258d90ea7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 22:57:34 GMT content-encoding gzip x-content-type-options nosniff age 272997 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23424 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:09:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 May 2023 22:57:34 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F634	0 0	57ms 57ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C2RJOQo2RYp_XHuiR9u8PsfWv4A7WrbSZaueGt_r4D6_m9P0IEAEglZvKIWCVqqCCsAegAaOLv_0CyAEB4AIAqAMByAPLBKoE8AFP0PTNMuWC8rkFUt_0azDQqbZO6T9po-Od-ovwy2VovAir7Ef-alQ8iSvJmtU3xezLpsk5idGDAgHObTU4mTD-TObo076Xe9NfZloo6xDs36njmCgUA-FYeHanOg5x1A5f2KpRyJRE50XxFZUTfjMT0J9pIqB064Rnqo9SNGkV5z7HjOMPfBWiq-QFV1aV70mvGUilrmfJramr9cIwX8BXeseNrnWvh6jzkVwaIfXbZrYtrvuU01cn_wKp3bYoh42eZ5i7J6lBOzebbPPgHw6fnUn-iV4QGm8VtNeUWRc4ZdZdnSz3CrwglqIeMFQIVfvABLnH4-X7A-AEAZIFBAgEGAGSBQQIBRgEgAfF9MCCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN-0EtIICQiI4YAQEAEYHYAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=laJLhW6TRd0&uach_m=[UACH] Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame CF64	143 B 163 B	15ms 13ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 1340 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:25:11 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6678	143 B 163 B	14ms 14ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 1340 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:25:11 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H2	200	redir.html Show response p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A401	247 B 1001 B	86ms 21ms	Document text/html	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash d5c5b407c19c1899abddc6fcc7eb2b4b5e05bedc9b8339d70a4abd55079f6393 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 247 content-security-policy-report-only script-src 'nonce-083y37y5n1Jyd396YvqbXg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:31 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Mon, 02 Dec 2019 20:15:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame E801	143 B 163 B	14ms 14ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers age 1340 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 02:25:11 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf fonts.gstatic.com/s/googlesans/v44/ Frame F634	44 KB 23 KB	77ms 23ms	Font font/ttf	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ef06cef118aebe8b298f181787352fdf1cee7a18716c249aabf40d0258d90ea7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 22:57:34 GMT content-encoding gzip x-content-type-options nosniff age 272997 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23424 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:09:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 May 2023 22:57:34 GMT
GET H3	200	4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf fonts.gstatic.com/s/googlesans/v44/ Frame F634	44 KB 22 KB	67ms 13ms	Font font/ttf	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 074c7945755818cd49e9ae374a5b152cbe2531fc772f9f86d487582d444ff729 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Tue, 24 May 2022 22:57:43 GMT content-encoding gzip x-content-type-options nosniff age 272988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22443 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:14:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 May 2023 22:57:43 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7C45 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	36ms 36ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT expires Sat, 28 May 2022 02:47:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response pagead2.googlesyndication.com/bg/ Frame 3ADF	35 KB 14 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 16:30:35 GMT content-encoding br x-content-type-options nosniff age 37016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13800 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 16:30:35 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame B782 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	43ms 42ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT expires Sat, 28 May 2022 02:47:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response pagead2.googlesyndication.com/bg/ Frame 54D3	35 KB 14 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Requested by Host: www.file-upload.com URL: https://www.file-upload.com/cqaq1m0u7abq Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 16:30:35 GMT content-encoding br x-content-type-options nosniff age 37016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13800 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 16:30:35 GMT
GET H3	200	iframe.html Show response p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A401	4 KB 4 KB	50ms 22ms	Document text/html	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html Requested by Host: p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com URL: https://p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash 36dadc692dc2b04347f76693a4b6e8762bc0bba6e09bc72f6e322efa0c42d91e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://p4-bvsbhjyu7rzkq-x4i43qwc4s7zdexd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 4552 content-security-policy-report-only script-src 'nonce-IUejo385S-VjhCdOBc1zZw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Sat, 28 May 2022 02:47:31 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Thu, 29 Apr 2021 21:38:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame CF64 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	68ms 68ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT expires Sat, 28 May 2022 02:47:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6678 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	61ms 61ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT expires Sat, 28 May 2022 02:47:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame E801 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	65ms 65ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT expires Sat, 28 May 2022 02:47:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=ISO-8859-1 date Sat, 28 May 2022 02:47:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response pagead2.googlesyndication.com/bg/ Frame 04F6	35 KB 14 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 16:30:35 GMT content-encoding br x-content-type-options nosniff age 37016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13800 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 16:30:35 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame D234	0 9 B	13ms 13ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?H0UdsQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Sat, 28 May 2022 02:47:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response pagead2.googlesyndication.com/bg/ Frame C75D	35 KB 14 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 16:30:35 GMT content-encoding br x-content-type-options nosniff age 37016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13800 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 16:30:35 GMT
GET H3	200	QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response pagead2.googlesyndication.com/bg/ Frame D10E	35 KB 14 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Requested by Host: 1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com URL: https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Fri, 27 May 2022 16:30:35 GMT content-encoding br x-content-type-options nosniff age 37016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13800 x-xss-protection 0 last-modified Tue, 24 May 2022 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 27 May 2023 16:30:35 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	65ms 64ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052401&jk=364745092709711&bg=!7u2l7anNAAao8wy8iPM7ACkAdvg8WmRsUiAT-YSJnreyBpP0s0LfQbmS7Qos12o6hKsIU6wK3LixeAIAAAEbUgAAAAdoAQcKAJiLYD82Rhc7AdgtZPZGWZSwEQKz5mRG1erIThO7mQE9tM6Ve88sYBWKq8hRCF1k_sgzV7m891TP_HLRbHJVHJQ08b8mCDlF5_Z2E1ic_N2VNqp1JyKHEO-OEKJjGEwJyqQK_qSAMC5Jco-4pQIng_UFCvIHQoGlzxfdFDzqIrGsDAQqYpk_U8Ru4MNxOlqHVk8gj_EagJmWhpkCjDyfbJWfEBAlsQAl8bHSjOlEYzgd8Sgs9CSyRZONKmfbI2ZXZQ3_FnAzM7-twy9CCGrr9Qtubt3EbtGZ3mXgeFJZ4DbD2hykhKS-UlQe4DtEDRX-N7CSuyb7ozgoVHbL35wvqtSfBIwfAYLIwY6tMKG0ShNwyvy0TTH1S3_RftB_dUGhN-ZrRohT3x0NMz9Xg7KSI9U0-jw6qtPgm04KUKlSV1NICqXNfUf6gXNCfenUnuuYW_02BmPhahO8R-8m0eS4IdIrX90tmZsLoijqPm9uloLwBGJZhq2YJge3_CL5yeANTiatJDuas3aR8A8YLOL4dHjhbOEy4BxJNdvpLCbJPDqgWNLO859WFyG0AsoTDCX8bn3HrcQldmzP4tgvV2t5hMbngzjJQPBgoIgte0pbxLg2YCA6nRB7AYkx9HgwNWy-l4-U4yEgGh7w6APoc4yepCE_duopLDgKY2RjHvTYKI1qFX75mjQfx3Dn-zPCdE7gL1I8q-A1I1qz6nG9s-CS7srZEZJumdrYjwTRREf3uEu3ESW_1QNhmQHJVhBAtZQY7yp4rxvEFhVkFWLiNzWW4khVAev2KlrBThHtE3yNOPjBbMR6D706bq9-cIZof6U9sraJTX4uiAj8RBL7K6Ha16pF4_hnBrR7nserDpPIEnrFox_OdOcDk9WuiKGFw-UTsJjN6l8dM1oO_C6nKjRQA3Mbjx1gbNyzSF9AyVA02ruKHGVDg_Dr543q-BQQODCmAPItqHj2cHjGhcRhHES22AQU37W9FD5jG3bRWJMnXErjDSqZ59lJnFDvO5TuSvjM-Xt54xIFgHwwd-71syqtDrpkSA5NaXHlVd4AmPNpVvSghHCDA3soLKk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mobilesafe.shop/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F6DD	42 B 64 B	52ms 51ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunDbR7e6hpuNoLQfKWPe21M3YVN-AItg6Bs_xWEy_F06XCt4Skpb5WynEYt2Gc7bHf7VkgRvK6uqRfsPbZz2hmEzurMf8Ry9jYH6os26mUwDE-fdEfRiiM5mf3&sai=AMfl-YRnIrH2x14JnEfBHeKgxgpgWhMv1tpDbvmFAxlw4yfhqOCzydqvJ1b_4HPGDNWVwpHIurcCvLnOVWJHYNuk95oDDeQ0V4tluP8rf6MuZyV8Kn1fjyotW19VBehZ44MB&sig=Cg0ArKJSzMJr3IXBVb1eEAE&id=lidar2&mcvt=1000&p=699,288,963,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1517400100&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706050839&rpt=226&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame FE70	42 B 64 B	50ms 49ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpgCr6XL_Y-eM3WDnEzlRylQ95jrQzYp9A60Fs2yUxxtUFbyjYvo13euIT0lX91jL2MxKk5KBXQM-7iptGcH2FvOvdGSosHf-YRB_V_3s6Z10AIN4v01ehjpKBZY7r8Olhxy2n&sai=AMfl-YTvSb5W9l8PCn65JOgsuHkAgx1xluZjNaR5v0ybMySWRWRVBGA_WO9XFr0nG1lq4eGJO9Bm6-cQ3qOXuVxSu9JB6nJoG55YaXN3xCNSCiTtFSlZzzh2IkYCMqoID10&sig=Cg0ArKJSzCFZ_Lknn6f0EAE&id=lidar2&mcvt=1008&p=1019,288,1283,1312&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&vu=1&app=0&itpl=4&adk=3690871513&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706050803&rpt=251&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4553	0 0	52ms 51ms	Fetch text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C6J0nQo2RYsmAHfGm9u8Pq4id2AmciMqHYriu39TTDdLA3PvaJBABIJWbyiFglaqggrAHoAG84Z30A8gBAakCE5AHDFACsj7gAgCoAwGqBPoBT9Bc8JPF12HmQduZxE28SyqaTtGV2DjGNbAgqIV8oPzt62BF0rTzO9HT2F2zSBb4sE9E04hIHIasA11qyOk9u7mvXzaXeJ_SbxX17P8NSyfSefPe5TLVl9XfIBsqbvabUNgR4N7mjwE7TUQiOSE1fVVPrAwoxv-Ir6wGjtbmkoaNH6a2Ek75W7EhCqX5AxSd6EJVaBRtUMaRg35MPILgjYjWKUg-fqXmHVSbyowONjelL3oyTW31lwt2MqNSFf_3vUJ6vH2UdPNq0AGIvuGFmw7Ks_5Q4dTiWJmr_cZ_EUVsjLDaNYuQe1BJX2wRya8OyVy-BgIrqszmacAEj-XK38gD4AQBgAesnuILqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQua8T0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=lcHliIcpDIM&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4553	42 B 64 B	59ms 58ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFDdZLsvdL7_vxSwSB1ukqTEy3pAQXBcJiroX88kGsnMF7aPRbK5vUVIYc3Erf5rgDBuLnyDmFByhURxZuFpc3zSi-4xOBTdDwmO28jHByNfEr98zQzNnDRFxoY1xTtZthbaxnhsI5hY29LaX9iLNc&sai=AMfl-YS5eNwrcgvc8XNuPc71-1-9dcVlZZ_6ggOBaQNrZo9JZa_f7UVhMkfLgVbQy3Mo0M_ybt4aSAJ8-Z4b_VvHhn5ImYuSYSOfdOU2gEnyD7BhLzyuV8g7pruZBPlwteo&sig=Cg0ArKJSzFzFu5rmLQNnEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3551285455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653706050751&rpt=363&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F634	42 B 64 B	49ms 49ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLh13AJa2cvTNkKjMJSPPHOXv9DLCV4-wLRwJg4G7Q9RT41lJ5tL-wk-P8J-8Oc-Kv9E_kv8QiD9vPWcqpm2fsuWPzrb0JrKnGQnQiXVwl5kWbIQEDy-YcQUGA&sai=AMfl-YRlt9EJvcbm7KgF_i45Q-IFvNp4Y-BKeuqUMJsZAcHMylqI5iSG4hk7Y0364h887na9yGvJkgfjHl4RMlVUeITgsZMqSbduZw8rqGsQoB3iu1GgPSgxKAPoDaoQHAPd&sig=Cg0ArKJSzOIxtIfIHgvzEAE&id=lidar2&mcvt=1000&p=231,288,511,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3637477135&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653706050773&rpt=611&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1c2679c8478effeb775460bf68944c5d.safeframe.googlesyndication.com/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Sat, 28 May 2022 02:47:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

file-upload.site

URL

https://file-upload.site/page.js

Domain

www.file-upload.com

URL

https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain

www.file-upload.com

URL

https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain

www.file-upload.com

URL

https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e