urlscan.io logo urlscan.io
SecurityTrails logo

letsupload.io Open in urlscan Pro
89.248.170.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://letsupload.io/1qa0d?pt=T1VKSU5VaGtSRTFaWkhKbFREbGxaaXQxWm1kVmR6MDlPcEVHOU4wKzd2MmptZGQ0Q2FkamdoZz0%3D
Effective URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Submission Tags: falconsandbox
Submission: On October 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 17 domains to perform 113 HTTP transactions. The main IP is 89.248.170.30, located in Amsterdam, Netherlands and belongs to INT-NETWORK, SC. The main domain is letsupload.io.
TLS certificate: Issued by R3 on August 24th 2021. Valid for: 3 months.
This is the only time letsupload.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    89.248.170.30 (Amsterdam, Netherlands)

ASN202425 (INT-NETWORK, SC)
letsupload.io
6    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.91.159.115 (Netherlands)

ASN7979 (SERVERS-COM, US)
trysprierratty.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
ausoafab.net
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.99.13.63 (Ajax, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
5    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
dozubatan.com
2    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
11    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
1    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
forflygonom.com
11    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
28 letsupload.io 1 redirects letsupload.io
15 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 pagead2.googlesyndication.com letsupload.io
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 www.gstatic.com googleads.g.doubleclick.net
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 fonts.googleapis.com letsupload.io
googleads.g.doubleclick.net
5 dozubatan.com ausoafab.net
dozubatan.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 static.cdnativepush.com letsupload.io
dozubatan.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 my.rtmark.net onmarshtompor.com
dozubatan.com
2 onmarshtompor.com ausoafab.net
2 ausoafab.net letsupload.io
1 forflygonom.com letsupload.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com letsupload.io
1 trysprierratty.com letsupload.io
113 21

This site contains links to these domains. Also see Links.

Domain
letsupload.io
cookiesandyou.com
Subject Issuer Validity Valid
letsupload.io
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
trysprierratty.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ausoafab.net
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
dozubatan.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
onmarshtompor.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-03 -
2022-11-03		 a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdnativepush.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
forflygonom.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 16 frames:

Primary Page: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Frame ID: 9E84450356EDA11395052C238CEA809B
Requests: 56 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=b1104ace27804987ada7bf6d348c00b2&oaidts=1633607970
Frame ID: 1BA9EF33C59C9E7B5E983CB3FADEF580
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Frame ID: 2C631683E624A2850CDAC96D9EFDA5B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Frame ID: F3B04130A35C99E5B88249022BF3E504
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&adk=1812271804&adf=3025194257&lmt=1633607971&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971077&bpp=1&bdt=287&idt=120&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=5579589146001&frm=20&pv=1&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=124
Frame ID: 9F194016B199CD8B70F6A0425137FA85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Frame ID: 75E1E9BBDCCCBA03C55A344C755030BC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Frame ID: DEC2C4DE75D0596A4E3EF6A961F9F9BE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 01001F5D9C19786199785F7D09B072C3
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Frame ID: BF18E783BA1FF876C9B93D1A51740B52
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 54EB006ABB59D9662DBCD588A498D6FD
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Frame ID: 2A9C1DBC3F0A09C911EB70BDC049D73D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Frame ID: 2FCCB9D7379EEB7D488D38E9DFF7F268
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Frame ID: 915DB7298343CFF926FC8ACD1F859D10
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Frame ID: 8D2517804D965D5F8E0F18E2A96B94C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 135F9EC3154BB1E73CFD09400FE59757
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8BE6BF6A66926BBC4A7EE55B6BA1AF4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error - LetsUpload Unlimited Cloud Storage

Page URL History Show full URLs

  1. https://letsupload.io/1qa0d?pt=T1VKSU5VaGtSRTFaWkhKbFREbGxaaXQxWm1kVmR6MDlPcEVHOU4wKzd2MmptZGQ0Q2F... HTTP 302
    https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity. Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

21
Subdomains

22
IPs

6
Countries

1084 kB
Transfer

3135 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://letsupload.io/1qa0d?pt=T1VKSU5VaGtSRTFaWkhKbFREbGxaaXQxWm1kVmR6MDlPcEVHOU4wKzd2MmptZGQ0Q2FkamdoZz0%3D HTTP 302
    https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 105
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request error
letsupload.io/
Redirect Chain
  • https://letsupload.io/1qa0d?pt=T1VKSU5VaGtSRTFaWkhKbFREbGxaaXQxWm1kVmR6MDlPcEVHOU4wKzd2MmptZGQ0Q2FkamdoZz0%3D
  • https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
76 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
8c4e4ad5e377f7dcc70614b1601616386066591f4932304d08396f9a51ecfd79

Request headers

:method
GET
:authority
letsupload.io
:scheme
https
:path
/error?e=File+has+been+removed+due+to+inactivity.
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate no-cache
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:30 GMT
server
nginx centminmod
x-powered-by
centminmod
content-encoding
gzip

Redirect headers

content-type
text/html; charset=UTF-8
location
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
set-cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk; expires=Fri, 08-Oct-2021 11:59:29 GMT; Max-Age=86400; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate no-cache
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:29 GMT
server
nginx centminmod
x-powered-by
centminmod
bootstrap.min.css
letsupload.io/themes/spirit/assets/frontend/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

:path
/themes/spirit/assets/frontend/css/bootstrap.min.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-12c7a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
stack-interface.css
letsupload.io/themes/spirit/assets/frontend/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

Request headers

:path
/themes/spirit/assets/frontend/css/stack-interface.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-c58"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
socicon.css
letsupload.io/themes/spirit/assets/frontend/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/socicon.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Request headers

:path
/themes/spirit/assets/frontend/css/socicon.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-266e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
lightbox.min.css
letsupload.io/themes/spirit/assets/frontend/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

:path
/themes/spirit/assets/frontend/css/lightbox.min.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-f31"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
flickity.css
letsupload.io/themes/spirit/assets/frontend/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/flickity.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

Request headers

:path
/themes/spirit/assets/frontend/css/flickity.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-9d9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
iconsmind.css
letsupload.io/themes/spirit/assets/frontend/css/ 		100 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/iconsmind.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Request headers

:path
/themes/spirit/assets/frontend/css/iconsmind.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-19147"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
jquery.steps.css
letsupload.io/themes/spirit/assets/frontend/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

Request headers

:path
/themes/spirit/assets/frontend/css/jquery.steps.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-1783"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
cookiealert.css
letsupload.io/themes/spirit/assets/frontend/css/ 		12 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/cookiealert.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

Request headers

:path
/themes/spirit/assets/frontend/css/cookiealert.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-3051"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
theme.css
letsupload.io/themes/spirit/assets/frontend/css/ 		202 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/theme.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a

Request headers

:path
/themes/spirit/assets/frontend/css/theme.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-32678"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
font-awesome.min.css
letsupload.io/themes/spirit/assets/frontend/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

:path
/themes/spirit/assets/frontend/css/font-awesome.min.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:14 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c401e-e6ef"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
custom.css
letsupload.io/themes/spirit/assets/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/css/custom.css
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

Request headers

:path
/themes/spirit/assets/frontend/css/custom.css
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 22:28:48 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"601c7520-22e8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6003d701de1975e1c56f4cca73a6d106a17ff8d633997a71b5b13682495478ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 10:45:52 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:30 GMT
icon
fonts.googleapis.com/ 		569 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 11:59:30 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:30 GMT
21164
trysprierratty.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trysprierratty.com/1clkn/21164
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.115 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:59:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
logo_inverse.png
letsupload.io/cache/themes/spirit/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://letsupload.io/cache/themes/spirit/logo_inverse.png
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268

Request headers

:path
/cache/themes/spirit/logo_inverse.png
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
last-modified
Tue, 05 Jan 2021 18:42:37 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
"5ff4b31d-2fe3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
12259
expires
Sat, 06 Nov 2021 11:59:30 GMT
logo.png
letsupload.io/cache/themes/spirit/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://letsupload.io/cache/themes/spirit/logo.png
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268

Request headers

:path
/cache/themes/spirit/logo.png
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
last-modified
Tue, 05 Jan 2021 18:42:37 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
"5ff4b31d-2fe3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
12259
expires
Sat, 06 Nov 2021 11:59:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e67713a863f13bf3234c0d12f8d787c68038b76798e5820b4fe3692e5e12d26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51281
x-xss-protection
0
server
cafe
etag
14940781298409060866
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Oct 2021 11:59:30 GMT
mobile_icons_inverted.png
letsupload.io/plugins/webdav/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://letsupload.io/plugins/webdav/assets/img/mobile_icons_inverted.png
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
8bb063904473a1de32aacb8ab6111bb464086a63eaa8cf17971dc4a389f5f0da

Request headers

:path
/plugins/webdav/assets/img/mobile_icons_inverted.png
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
last-modified
Sun, 18 Oct 2020 09:15:10 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
"5f8c079e-bf6"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
content-length
3062
expires
Sat, 06 Nov 2021 11:59:30 GMT
jquery-3.1.1.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

:path
/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-152b9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
jquery.dataTables.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

:path
/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-1107a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
flickity.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/flickity.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

:path
/themes/spirit/assets/frontend/js/flickity.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-d271"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
typed.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/typed.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

:path
/themes/spirit/assets/frontend/js/typed.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-f6d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
datepicker.js
letsupload.io/themes/spirit/assets/frontend/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/datepicker.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Request headers

:path
/themes/spirit/assets/frontend/js/datepicker.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-51ef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
granim.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/granim.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

:path
/themes/spirit/assets/frontend/js/granim.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-298b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
jquery.steps.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

:path
/themes/spirit/assets/frontend/js/jquery.steps.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-3626"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
countdown.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/countdown.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

:path
/themes/spirit/assets/frontend/js/countdown.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-14f0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
smooth-scroll.min.js
letsupload.io/themes/spirit/assets/frontend/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

:path
/themes/spirit/assets/frontend/js/smooth-scroll.min.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-178c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
scripts.js
letsupload.io/themes/spirit/assets/frontend/js/ 		112 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/scripts.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

Request headers

:path
/themes/spirit/assets/frontend/js/scripts.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-1c0ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
cookiealert.js
letsupload.io/themes/spirit/assets/frontend/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/js/cookiealert.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Request headers

:path
/themes/spirit/assets/frontend/js/cookiealert.js
pragma
no-cache
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
letsupload.io
referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"5f8c4020-72c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires
Sat, 06 Nov 2021 11:59:30 GMT
/
ausoafab.net/5/4446230/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ausoafab.net/5/4446230/?oo=1
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f2907247020b4ddcd50c2ead2d4810d7a7c5823fcd559be3071943fa439e01d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
34dce94096d2ed680e4a4fd8364a1ef4
pragma
no-cache, no-cache
date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://letsupload.io
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
ausoafab.net/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ausoafab.net/tag.min.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
20625
x-trace-id
aa5c1990e4089a766a2e7de903d56078
pragma
no-cache
last-modified
Tue, 05 Oct 2021 16:48:58 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:58:45 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
173541328
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://letsupload.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
586499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:04:31 GMT
stack-interface.woff2
letsupload.io/themes/spirit/assets/frontend/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://letsupload.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by
Host: letsupload.io
URL: https://letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.248.170.30 Amsterdam, Netherlands, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software
nginx centminmod / centminmod
Resource Hash
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

sec-fetch-mode
cors
origin
https://letsupload.io
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
filehosting=6sfm9bvkmlvh87g60gp0qq32sk
:path
/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
letsupload.io
referer
https://letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
Origin
https://letsupload.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:30 GMT
last-modified
Sun, 18 Oct 2020 13:16:16 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
"5f8c4020-10c4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
4292
expires
Fri, 07 Oct 2022 11:59:30 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v26/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac948f1f9f958d7e56ad53b1fdd18c26da63dd374d6be34a9f65285c49bb8a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://letsupload.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:08:43 GMT
x-content-type-options
nosniff
age
586247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17748
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:52:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:08:43 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1633607971007&@k0&@l1&@mError%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:64757555&@b3:1633607971&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
6499e0c20b295988412ed38b5b23d313e816073d7f7e9420288f33c3349ef43c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:59:31 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
4451391
dozubatan.com/400/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/400/4451391
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f0a6c773ed735f60bcec7a8b2be29a7b1d24cef62058cf5bd5bbe7e8ce0d37a4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
e0f53182f2f4b600dbd32d708bad789b
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
fac.php
onmarshtompor.com/ Frame 1BA9 		203 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/fac.php?OAID=b1104ace27804987ada7bf6d348c00b2&oaidts=1633607970
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ffe5d57d8ec6eb7a1313cf7fd5b0ab0ad4d4e24e6dda092cb8d943b356630340
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onmarshtompor.com
:scheme
https
:path
/fac.php?OAID=b1104ace27804987ada7bf6d348c00b2&oaidts=1633607970
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

server
nginx
date
Thu, 07 Oct 2021 11:59:24 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
b9bb46fd0638336d6e3ba4d6bc4746f5
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=b1104ace27804987ada7bf6d348c00b2; expires=Fri, 07 Oct 2022 11:59:31 GMT; path=/; secure; SameSite=None oaidts=1633607970; expires=Fri, 07 Oct 2022 11:59:31 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97187
x-xss-protection
0
server
cafe
etag
9922904937206383910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Oct 2021 11:59:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/ Frame 2C63 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211005/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 06 Oct 2021 20:10:53 GMT
expires
Wed, 20 Oct 2021 20:10:53 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
56918
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img.gif
my.rtmark.net/ Frame 1BA9 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=b1104ace27804987ada7bf6d348c00b2
Requested by
Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=b1104ace27804987ada7bf6d348c00b2&oaidts=1633607970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onmarshtompor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
cookie.js
partner.googleadservices.com/gampad/ 		203 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4d196079d355435b6b0cca7594255ab13ea6895cea9fdf2e663e073daa982f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=letsupload.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=letsupload.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F3B0 		85 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67e641d7b6e00dfb995267a3f4f377d4bbe3e44ed27dc7bfd67be07661fefdd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 07 Oct 2021 11:59:31 GMT
server
cafe
content-length
29109
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 12:14:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 07 Oct 2021 11:59:31 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9F19 		273 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&adk=1812271804&adf=3025194257&lmt=1633607971&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971077&bpp=1&bdt=287&idt=120&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=5579589146001&frm=20&pv=1&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9bbb93f5485a31cfa4fe56d09d7416766090eed4c1bb27ec8492ddbf9ad4d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2032633001482750&output=html&adk=1812271804&adf=3025194257&lmt=1633607971&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971077&bpp=1&bdt=287&idt=120&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&nras=1&correlator=5579589146001&frm=20&pv=1&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 07 Oct 2021 11:59:31 GMT
server
cafe
content-length
64369
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 12:14:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 07 Oct 2021 11:59:31 GMT
cache-control
private
/
onmarshtompor.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/?rb=IzV28uHmm-HMZRJTkXdILNs4J-BCtLbDNCD3PC72R4cVtwOCMjfZnka7bcr7CHvu4f5t9b5pFjq4W4-tFB68xd7WCIjfOOtpM2XeDJkzY_No87brBW9YmgNlGzYOrjaphJkJoOCQum8XA2z3QnR88WLddn9Kty7lNiy5HkZ9Dn-ykGzjRdXv9wjc1s5NQqrOkxgBL2Bb44KPDkiH520S-F3NDD63QSJ4GXAbs1eUVlpu7QO7EDELe1M8q6UX3FEKN4fFiK3kPpI8WaEgRILNeL8C1dM%3D&zoneid=4446230&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=5aed9068-d9f7-4246-b906-4f5b349d9987&m=link
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3a2304f5b716fb435af9e1859300b5a99c32818ef0dc4e29d0252ac4c5874e62
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://letsupload.io
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4451391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b14d04565d540b6e10f290db6f41dd28d7118729472f824b08905a0bc0cc2bf9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://letsupload.io
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
4451391
dozubatan.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4451391?excludes=&oaid=b1104ace27804987ada7bf6d348c00b2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://letsupload.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 07 Oct 2021 11:59:31 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://letsupload.io
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
4451391
dozubatan.com/500/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4451391?excludes=&oaid=b1104ace27804987ada7bf6d348c00b2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4451391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0018aa0f22f6924bc5f11cb272fe08b85587f2cf90610d8cf00f9bd55f092c6e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://letsupload.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
ea6e4b0954b9a6c4db87be9d970a57f4
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://letsupload.io
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ 		577 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:59:31 GMT
Last-Modified
Thu, 21 Feb 2019 14:00:06 GMT
Server
nginx
ETag
"5c6eaee6-241"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
577
z_u06b9_CW07f-wWdsTMvC7aMzrdORn9JOZ0-J4My52OXOgFnCkFUheYGfgENPguJNkLa1oJvGimb3xi0mljPHpmAnltUzUNNIuONbpKHATRLvUdH9O46w31HLw1x9MFTGdbTCoD7C2MJuJtMBSD01vzeWQq6rv5-jCsJxG0MPF72xgAchLw92mA2DWbOlg_FCeh8...
forflygonom.com/impression/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forflygonom.com/impression/z_u06b9_CW07f-wWdsTMvC7aMzrdORn9JOZ0-J4My52OXOgFnCkFUheYGfgENPguJNkLa1oJvGimb3xi0mljPHpmAnltUzUNNIuONbpKHATRLvUdH9O46w31HLw1x9MFTGdbTCoD7C2MJuJtMBSD01vzeWQq6rv5-jCsJxG0MPF72xgAchLw92mA2DWbOlg_FCeh84CTH1MtFwQrGRet6wC9xA5ErFNqRDzyFMc7MhqNhyI239OsyCTZkqfhuoxd7PibYw2gjkzu6OGR-9R7Iv93vSdiKufgCwUy4nBgrswIRqzo2x5vS6mE7ZuH8OXz2fgeb6fUMobsb0-AtC_4LLhiNsX093RUIeDxkWMF_WCGQZeic1awLhoELTGJ-FpB9Q-d1w==?_z=4451391&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
49b3231bc0b2b48f3e8edbce40f79958
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:31 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame F3B0 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 04 Jan 2022 17:07:43 GMT
51960db45470192acc393a412d64dac5.js
www.gstatic.com/mysidia/ Frame F3B0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight_holdback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 21:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3401
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Thu, 30 Dec 2021 21:06:18 GMT
css
fonts.googleapis.com/ Frame F3B0 		3 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 10:30:41 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame F3B0 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:52:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame F3B0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:54:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame F3B0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:48:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3B0 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Oct 2021 11:59:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame F3B0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:56:03 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame F3B0 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 10:35:08 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/reactive_library_fy2019.js?bust=31063019
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bccbbf39f46905558190fd7f8e6aaf9686bd32fef7f243b01f019d1bc95a3ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52306
x-xss-protection
0
server
cafe
etag
1327222315113741855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Oct 2021 11:59:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F3B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4jIMI-FeYcD2DIfFgAekhKrgCNOYosFlt_-r0sgOiJiswoAMEAEgi4HzOWCV4pCCoAegAar59JsDyAEBqAMByAPLBKoEigJP0HxHZDv0J2hbQRw8qT9oZcv21hF9MKwKne-GURy9lTtFZKc4l9dyFsj0EPuOTj9cbie-AOorWOYtnkXRqGCrJzxKvQqt85dTgf3OijzeVfzTdYqvb9tLTY59fHlYL7ImVjVvQigJAlZ_SDpxCzTSTFiAPzLfAibAIKGsKH_WyGMp9149TsfrL9G7neNHxVTKmgC2Ew62Ro_TH-rKeue-X7p5MADwfGngIDobhgT6ZzvDqbBu7sgfrS67Oa9VJVMu3AdrX5Tdagew_kMo5RE66zI7lDmW0zoz0aTLXAxtfHz5oOe5AhXs45ozjSWFOAv-mXFw7uSNS8UBTObpIuMusU7PgpZLk498p8AE_5jLxdgDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB76Gi2SoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEIXGFNIICQiA4YAQEAEYX4AKAcgLAdgTDYgUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMDMyNjMzMDAxNDgyNzUwGAA&sigh=3rJxlgYNdOc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Oct 2021 11:59:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 07 Oct 2021 11:59:31 GMT
4451391
dozubatan.com/500/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4451391?excludes=9625604&oaid=b1104ace27804987ada7bf6d348c00b2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4451391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b15ea461459bac7ededdf042477e8c1bded280d63292a7e258910e4d4c776df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://letsupload.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
c5bddd540d3ee5f8f659a8f3f3ea809d
pragma
no-cache
date
Thu, 07 Oct 2021 11:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://letsupload.io
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
4451391
dozubatan.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4451391?excludes=9625604&oaid=b1104ace27804987ada7bf6d348c00b2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://letsupload.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 07 Oct 2021 11:59:31 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://letsupload.io
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=letsupload.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=letsupload.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Oct 2021 11:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/ Frame 75E1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 06 Oct 2021 20:48:36 GMT
expires
Wed, 20 Oct 2021 20:48:36 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
54655
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/ Frame DEC2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 06 Oct 2021 20:48:36 GMT
expires
Wed, 20 Oct 2021 20:48:36 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
54655
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0100 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 07 Oct 2021 11:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F3B0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d9a9653eed3a33ffd0c82d3cce997e80f42ff2c556d8f80624d59e8cdbf44e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F3B0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:44:05 GMT
x-content-type-options
nosniff
age
184527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F3B0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options
nosniff
age
201075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:08:17 GMT
css2
fonts.googleapis.com/ Frame 75E1 		4 KB
731 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 10:38:05 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:32 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 75E1 		205 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 10:48:14 GMT
x-content-type-options
nosniff
age
90678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 06 Oct 2022 10:48:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 75E1 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 10:45:49 GMT
x-content-type-options
nosniff
age
90823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 06 Oct 2022 10:45:49 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/elements/html/ Frame 75E1 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7627
x-xss-protection
0
server
cafe
etag
14532344818667626787
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:56:53 GMT
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame DEC2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 04 Jan 2022 17:07:43 GMT
51960db45470192acc393a412d64dac5.js
www.gstatic.com/mysidia/ Frame DEC2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3401
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 04 Jan 2022 17:11:45 GMT
css
fonts.googleapis.com/ Frame DEC2 		3 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 10:25:38 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:32 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame DEC2 		1 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:52:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame DEC2 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:54:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame DEC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:48:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEC2 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Oct 2021 11:59:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame DEC2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:56:03 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame DEC2 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 10:35:08 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0100
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkiEq6ToxD8ltyZOmUlGxHGNgdu0sxFH2WwmV_6V1_sUCzGbuk9ce2_MCyBaTs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 07 Oct 2021 11:59:32 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 07-Oct-2021 12:59:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 07 Oct 2021 11:59:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 07 Oct 2021 11:59:32 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame BF18 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 04 Jan 2022 17:07:43 GMT
7ccd4b6f1d3f4cea8395446f5f143439.js
www.gstatic.com/mysidia/ Frame BF18 		129 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7ccd4b6f1d3f4cea8395446f5f143439.js?tag=video_mra/web_interstitial_raspberry
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce84083ca63f4b7476c03b3edbdda0f3ca9c682cda7abc6e2466b90b0d63b775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 20:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48578
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 04 Jan 2022 20:30:53 GMT
css
fonts.googleapis.com/ Frame BF18 		3 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 10:32:56 GMT
server
ESF
date
Thu, 07 Oct 2021 11:59:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:59:32 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame BF18 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:52:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame BF18 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:54:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame BF18 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:48:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF18 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Oct 2021 11:59:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame BF18 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 11:56:03 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame BF18 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 10:35:08 GMT
01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by
Host: letsupload.io
URL: https://letsupload.io/error?e=File+has+been+removed+due+to+inactivity.
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:59:32 GMT
Last-Modified
Thu, 01 Jul 2021 09:13:54 GMT
Server
nginx
ETag
"60dd8752-86d"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
2157
adview
googleads.g.doubleclick.net/pagead/ Frame DEC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwoKaI-FeYcDJDa_Z-gaH2Y_IC9OYosFlt_-r0sgOiJiswoAMEAEgi4HzOWCV4pCCoAegAar59JsDyAEBqAMByAPLBKoEhwJP0NQgIfmdS3LvTkS_61kKFt_nwVJMM3lUkw5hf9w9UZwejnkGsYjsS1_W8MTeIzgEKrbLg7nqFvbI63_2iES9A1yricVKBuLUI8p4AMz2iwEEn83VSAuUEHARoepp3rabrE4l_tH4T_bWFGAet9c68E79GlWPecvCHBN121oodb1EniWS9nES4cE1ameJvnSiX4nXxDQFs1qq9MwqGChLAg25Pvy8i_6d6Ac-4kjNSIWoF7pjoeNj-xtzVWdCukBKch5z9JgN4hUP5k7bpBwkHUUBK-XcT37Z_Uf2K9QBxrdnf-zM-NytZ-Nn1YhU6JmAXehw3hGqOXMgwJDSiizb3Xy7hQUwhMAE_5jLxdgDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB76Gi2SoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEJSTBdIICQiA4YAQEAEYX4AKAcgLAdgTDYgUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMDMyNjMzMDAxNDgyNzUwGAA&sigh=Sy7yooUxr3Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Oct 2021 11:59:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 54EB 		143 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkiEq6ToxD8ltyZOmUlGxHGNgdu0sxFH2WwmV_6V1_sUCzGbuk9ce2_MCyBaTs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 07 Oct 2021 11:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DEC2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd486f4b77eed2024a53eb35ad655fd996321d6bc2ed2f0d2c6b200c63aa04bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ Frame 2A9C 		577 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4451391
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:59:32 GMT
Last-Modified
Thu, 21 Feb 2019 14:00:06 GMT
Server
nginx
ETag
"5c6eaee6-241"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
577
btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
pagead2.googlesyndication.com/bg/ Frame 2FCC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:22:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
229005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 20:22:47 GMT
btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
pagead2.googlesyndication.com/bg/ Frame 915D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2032633001482750&output=html&h=280&slotname=6872101310&adk=1852781675&adf=2889314063&pi=t.ma~as.6872101310&w=1110&fwrn=4&fwrnh=100&lmt=1633607971&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fletsupload.io%2Ferror%3Fe%3DFile%2Bhas%2Bbeen%2Bremoved%2Bdue%2Bto%2Binactivity.&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607971062&bpp=4&bdt=272&idt=112&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5579589146001&frm=20&pv=2&ga_vid=1801517193.1633607971&ga_sid=1633607971&ga_hid=1366796750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063014%2C31063019&oid=2&pvsid=238245814406410&pem=801&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h73njC2y51&p=https%3A//letsupload.io&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:22:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
229005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 20:22:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211005&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d0cb31d1dbf8102aa0ceae0f1c839ba6e0e5cd6a516f5578924b2d79e70d31a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Oct 2021 11:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8524
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 54EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkiEq6ToxD8ltyZOmUlGxHGNgdu0sxFH2WwmV_6V1_sUCzGbuk9ce2_MCyBaTs; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 07 Oct 2021 11:59:32 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 07-Oct-2021 12:59:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 07 Oct 2021 11:59:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 07 Oct 2021 11:59:32 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
pagead2.googlesyndication.com/bg/ Frame 8D25 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:22:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
229005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 20:22:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 07 Oct 2021 11:59:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 135F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 07 Oct 2021 11:51:15 GMT
expires
Fri, 07 Oct 2022 11:51:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F8BE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
385cdb796db97a7f4741eccfffadf38a690ff1e7400573123661fe11d25ec955
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fQiIkxa9dJdFZpxwO8H+VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://letsupload.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 07 Oct 2021 11:59:32 GMT
date
Thu, 07 Oct 2021 11:59:32 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-fQiIkxa9dJdFZpxwO8H+VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
pagead2.googlesyndication.com/bg/ Frame 135F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:22:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
229005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 20:22:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211005&jk=238245814406410&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211005&jk=238245814406410&bg=!l5SllNDNAAYiB-bNIgc7ACkAdvg8Wn50xtdUXQBMTsY-UM51r8lUrVomYhDdtjpyI-zT-MFHsVHajgIAAABgUgAAAAxoAQeZAqoB-8dIYCNdGEa5ueBf-dFQkD9LxS-pL0CvtZO6FSgFC0d3j_X6X6ngpNHKjQvt6_WvZL8Atlp2n5bLZGAlfXsRQW3ESe6MvqqkZcCL2JERnMGYISkk7Pp5h__jVr1DPOT1Jb1V7_Kdodvjkj16zM1V1KPy8RmuKo3vVkS-9x65yQ73u7ZkXITwfZEOtg6RJSfWFwbxQ9ItuT94M12R4cgeWbXQgl9Ic7CNs0ehOczJsRaWZv9OIzfsdFC83ktJSIg2PolKMmalUMpK1zjdylqR7draHIXWY4ZrOFPAwS2_OCZzcUgeWKQTUVKHpCmu-w6uIcr8_U9MHftWCkOgX2U6jolvFHoseOHovQzpnrDyOaFaQ_kqSu1zfcxKpfphTfpY9ycLPdydYCMfRbvyq-wffBO1doap2kGKSrGMXMX66cqg6JgeYTXGNORYMQPsUgnuVtOAVKF6v1CcPXWsZNGic5CtlgXbh9EndXruQOcJ_9uH1B2corSUFA5hsc6YmviVCnQbapzexlynkqTQw6tHyp4j4NFk2dGeEWMWlUNldoXcGfvjqgUV9-FPuhd-dZjgf-tXE-7XWoWq0cUBYKjCYcdgQDVAMt7QVnZoOXhf2z_iNuBLhdURLCjb68g8SNrDg9Wj8-9R4UKD0XhExJdGBv-WJ6GT7ahzzDTl4vH1Fc3SD1gFKsK2s5R_ys9iBatmnj_IuEreCnyGi3xK7hoBVrNqgg3nbXgzCqX9p8zTG7i9X6hLmJKtR8XJHeVsuuMf_7D1V5rpzJtLQDDRNLFGfwInI5MxAg4rV-8DVj6FrIVtLVdsNd48-_H4sK4_6j1ZDas7tCWOiiTcZcGjuwnYI1Y9lRx5dYgtHk_jKADebhK7bj6n_fG6bbLoqUTXsNEUuGCjC_8GQpkM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://letsupload.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame F3B0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEFbaKCt0eRHPbNAkHgsILC6Yh3cGS8zFBiNRKjqryyb5KvyyqoNsQFQ7TfFyLtsmxXWy5tYw4pkDwXGBGgfZVQk211NjNY3aA7qX4Q8IQ4WBfXWY6cw&sai=AMfl-YS5aaVl5Evzuo3pLok_om9nrWVWXVU0cjjGMmunXcZQEaK73j819GK1ygXa3IxfwCAYVeLVTFqUnZGW&sig=Cg0ArKJSzCnVb5ytoPe-EAE&id=lidar2&mcvt=1000&p=35,0,315,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1852781675&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633607971191&rpt=1071&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:59:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DEC2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWdJ9zX1678ZpixgAAYgddQu6R7mMKl7b7dq54u-ZaLgUmhI_gxXQxjA_UleEx1ig3FnIwa-_W9F0PFQFHP4wBdt966nSWlhgtuUJ4vf18OQ4ct48ySA&sai=AMfl-YTCe_U0rjFpW45_230YeEP01fwC5-ZXwGODqcE_WO5GOdSGkP1oGwKM5TC7Ll34RyVb6hYNKamelDmG&sig=Cg0ArKJSzNGiaCPs9PhsEAE&id=lidar2&mcvt=1000&p=113,298,237,1303&mtos=599,816,1000,1115,1299&tos=599,217,184,115,184&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633607971971&rpt=304
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:59:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster boolean| LOGGED_IN string| k object| _pq2bzdhk4l object| 5zavq020ajx object| zfgformats function| setImmediate function| clearImmediate function| _foenj function| _zquqkqho object| _Hasync object| adsbygoogle function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| Picker function| Granim object| smoothScroll object| mr function| mrFormsCaptchaInit function| chfh function| chfh2 string| _HST_cntval object| Histats function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint object| webpushlogs function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

20 Cookies

Domain/Path Name / Value
letsupload.io/ Name: filehosting
Value: 6sfm9bvkmlvh87g60gp0qq32sk
ausoafab.net/ Name: OAID
Value: b1104ace27804987ada7bf6d348c00b2
ausoafab.net/ Name: oaidts
Value: 1633607970
trysprierratty.com/ Name: GL_UI4
Value: eJw9jUtOwzAYhPMOVUnESDkAR4hJi9sl4hAsI8f%2Bk5omduWYRtweCwlW82kemiiKkqZGfC9SpF%2FiiGfJiTP%2BIjk%2FsaHtDufXjsYj46eRHfhZKez02nsxzOQzPE5kyGnZS6uowlOI%2FpyrsZvJkA9OGFUhX0JjrlAOzm4ruSZFZsRCKN4vzgbNF%2FFpHZJzF1CbgHGLxK5NWu9Qfmijwq7eI2FtXRUR9rdZ%2BNG6pdeqiJFPTihC%2FIYHKTxN1n2jVLRevb0Bdlb9f%2F%2F3Nt1Yi0LRXcvwbf2F3A%2Fx6Uoh
trysprierratty.com/ Name: GL_GI10
Value: eJxljFFqwkAYhONGt4olZcAD5AINmLboe431oZ5hWeKfsJTsv%2ByuYnp6o0IR%2BjAwzMw3SZKIRQZhHLLl%2BqMo38pBxXK1RtoSQ2wqPNd8tNH3yuqO8PRFvtO2h%2FTUGrYQuwrzu1c1HwiTTfX6kN2oyY5CIIxrE3tg67X9aY4%2B5rrL99pYzK7FHV8M%2BP9BaoLDdF%2B%2Br%2FLveMDMUlTBEQ32k71jryMh%2B0tvVzLF1ATlPJ97OcJLNB39siXFTRMoSoHRSYoL7iNMuw%3D%3D
letsupload.io/ Name: HstCfa4434016
Value: 1633607971007
letsupload.io/ Name: HstCla4434016
Value: 1633607971007
letsupload.io/ Name: HstCmu4434016
Value: 1633607971007
letsupload.io/ Name: HstPn4434016
Value: 1
letsupload.io/ Name: HstPt4434016
Value: 1
letsupload.io/ Name: HstCnv4434016
Value: 1
letsupload.io/ Name: HstCns4434016
Value: 1
onmarshtompor.com/ Name: OAID
Value: b1104ace27804987ada7bf6d348c00b2
onmarshtompor.com/ Name: oaidts
Value: 1633607970
my.rtmark.net/ Name: ID
Value: b1104ace27804987ada7bf6d348c00b2
letsupload.io/ Name: prefetchAd_4446230
Value: true
.letsupload.io/ Name: __gads
Value: ID=f68fa22f35c9b0ef-224ad888e7ca00a5:T=1633607971:RT=1633607971:S=ALNI_MZg4tkoaDSL3uD1NdCcm6acHnW71g
dozubatan.com/ Name: OAID
Value: b1104ace27804987ada7bf6d348c00b2
.doubleclick.net/ Name: IDE
Value: AHWqTUkiEq6ToxD8ltyZOmUlGxHGNgdu0sxFH2WwmV_6V1_sUCzGbuk9ce2_MCyBaTs
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2032633001482750&fa=1&ifi=4&uci=a!4
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ausoafab.net
dozubatan.com
fonts.googleapis.com
fonts.gstatic.com
forflygonom.com
googleads.g.doubleclick.net
letsupload.io
my.rtmark.net
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
static.cdnativepush.com
tpc.googlesyndication.com
trysprierratty.com
www.google.com
www.googletagservices.com
www.gstatic.com
139.45.195.8
139.45.197.188
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.243
142.91.159.115
172.217.16.130
192.99.13.63
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
46.105.201.240
89.248.170.30
0018aa0f22f6924bc5f11cb272fe08b85587f2cf90610d8cf00f9bd55f092c6e
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab
385cdb796db97a7f4741eccfffadf38a690ff1e7400573123661fe11d25ec955
3a2304f5b716fb435af9e1859300b5a99c32818ef0dc4e29d0252ac4c5874e62
3ac948f1f9f958d7e56ad53b1fdd18c26da63dd374d6be34a9f65285c49bb8a8
4d196079d355435b6b0cca7594255ab13ea6895cea9fdf2e663e073daa982f9f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9a9653eed3a33ffd0c82d3cce997e80f42ff2c556d8f80624d59e8cdbf44e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5b15ea461459bac7ededdf042477e8c1bded280d63292a7e258910e4d4c776df
5bccbbf39f46905558190fd7f8e6aaf9686bd32fef7f243b01f019d1bc95a3ec
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
6003d701de1975e1c56f4cca73a6d106a17ff8d633997a71b5b13682495478ed
6499e0c20b295988412ed38b5b23d313e816073d7f7e9420288f33c3349ef43c
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
67e641d7b6e00dfb995267a3f4f377d4bbe3e44ed27dc7bfd67be07661fefdd5
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
7d0cb31d1dbf8102aa0ceae0f1c839ba6e0e5cd6a516f5578924b2d79e70d31a
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
8bb063904473a1de32aacb8ab6111bb464086a63eaa8cf17971dc4a389f5f0da
8c4e4ad5e377f7dcc70614b1601616386066591f4932304d08396f9a51ecfd79
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
9f2907247020b4ddcd50c2ead2d4810d7a7c5823fcd559be3071943fa439e01d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b
b14d04565d540b6e10f290db6f41dd28d7118729472f824b08905a0bc0cc2bf9
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cd486f4b77eed2024a53eb35ad655fd996321d6bc2ed2f0d2c6b200c63aa04bc
ce84083ca63f4b7476c03b3edbdda0f3ca9c682cda7abc6e2466b90b0d63b775
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e67713a863f13bf3234c0d12f8d787c68038b76798e5820b4fe3692e5e12d26d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a6c773ed735f60bcec7a8b2be29a7b1d24cef62058cf5bd5bbe7e8ce0d37a4
f9bbb93f5485a31cfa4fe56d09d7416766090eed4c1bb27ec8492ddbf9ad4d57
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
ffe5d57d8ec6eb7a1313cf7fd5b0ab0ad4d4e24e6dda092cb8d943b356630340