urlscan.io logo urlscan.io
SecurityTrails logo

upfilesurls.com Open in urlscan Pro
2606:4700:20::ac43:475a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://upfiles.com/aiY2
Effective URL: https://upfilesurls.com/aiY2
Submission: On July 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 8 countries across 32 domains to perform 126 HTTP transactions. The main IP is 2606:4700:20::ac43:475a, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com.
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.
This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.109.82.155 7979 (SERVERS-COM)
2 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
16 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 37.48.68.71 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:225... ()
8 2a02:2638:d::2 44788 (ASN-CRITE...)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
1 108.128.97.117 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 7 216.58.212.130 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 1 54.211.72.252 14618 (AMAZON-AES)
2 2 216.52.2.86 32475 (SINGLEHOP...)
1 54.65.174.169 16509 (AMAZON-02)
1 2 51.89.9.252 16276 (OVH)
1 178.250.1.6 44788 (ASN-CRITE...)
7 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:d::11 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
126 40
1    2606:4700:3031::6815:480c (United States)

ASN13335 (CLOUDFLARENET, US)
upfiles.com
13    2606:4700:20::ac43:475a (United States)

ASN13335 (CLOUDFLARENET, US)
upfilesurls.com
1    23.109.82.155 (Netherlands)

ASN7979 (SERVERS-COM, US)
cschyogh.com
2    2606:4700:3036::ac43:9a75 (United States)

ASN13335 (CLOUDFLARENET, US)
asacdn.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
16    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:e2::ac40:8a25 (United States)

ASN13335 (CLOUDFLARENET, US)
youradexchange.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:2250:4e00:a:e047:753:be1 (United States)

ASN- ()
cdn.prod.uidapi.com
8    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    108.128.97.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
9    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
7    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3601:832b:4f07:a3c4:1c3d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    54.211.72.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-252.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    54.65.174.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-174-169.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
7    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
cm.g.doubleclick.net — Cisco Umbrella Rank: 232
245 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
125 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8389
csm.eu.criteo.net — Cisco Umbrella Rank: 8326
372 KB
16 demand.supply
live.demand.supply — Cisco Umbrella Rank: 44411
37 KB
13 upfilesurls.com
upfilesurls.com
348 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 421
mug.criteo.com — Cisco Umbrella Rank: 2491
ads.eu.criteo.com — Cisco Umbrella Rank: 8265
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9399
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14197
55 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
258 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
region1.google-analytics.com — Cisco Umbrella Rank: 1851
21 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 806
487 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 766
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4506
644 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 208
113 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1666
315 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 907
id5-sync.com — Cisco Umbrella Rank: 420
25 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1070
bcp.crwdcntrl.net — Cisco Umbrella Rank: 900
12 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 44045
410 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
141 KB
2 asacdn.com
asacdn.com — Cisco Umbrella Rank: 239697
76 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7679
44 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 791
1 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 457
712 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
583 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1697
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 361
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1699
2 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 34372
468 B
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1686
902 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 66125
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 76
1 KB
1 cschyogh.com
cschyogh.com
1 KB
1 upfiles.com
upfiles.com
1 KB
126 32
Domain Requested by
16 live.demand.supply upfilesurls.com
live.demand.supply
client
15 securepubads.g.doubleclick.net upfilesurls.com
securepubads.g.doubleclick.net
live.demand.supply
www.googletagservices.com
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
13 upfilesurls.com 2 redirects upfilesurls.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
9 pagead2.googlesyndication.com upfilesurls.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
www.googletagservices.com
8 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
7 imageproxy.eu.criteo.net ads.eu.criteo.com
7 cm.g.doubleclick.net 1 redirects 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 onetag-sys.com 1 redirects 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
2 ap.lijit.com 2 redirects
2 d5p.de17a.com 2 redirects
2 www.google.com tpc.googlesyndication.com
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
2 www.googletagservices.com securepubads.g.doubleclick.net
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 youradexchange.com asacdn.com
2 www.googletagmanager.com upfilesurls.com
www.googletagmanager.com
2 asacdn.com upfilesurls.com
asacdn.com
1 rtb.nl3.eu.criteo.com 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 cc.adingo.jp 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ads.eu.criteo.com 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.recaptcha.net
1 datatechone.com cdntechone.com
1 www.recaptcha.net upfilesurls.com
1 cdntechone.com upfilesurls.com
1 fonts.googleapis.com upfilesurls.com
1 cschyogh.com upfilesurls.com
1 upfiles.com 1 redirects
126 45

This site contains links to these domains. Also see Links.

Domain
upfiles.com
youradexchange.com
sulvo.com
Subject Issuer Validity Valid
upfilesurls.com
GTS CA 1P5		 2023-07-25 -
2023-10-23		 3 months crt.sh
cschyogh.com
R3		 2023-05-19 -
2023-08-17		 3 months crt.sh
asacdn.com
E1		 2023-07-11 -
2023-10-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
youradexchange.com
GTS CA 1P5		 2023-06-21 -
2023-09-19		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-18 -
2023-12-24		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-07 -
2023-08-30		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://upfilesurls.com/aiY2
Frame ID: 2DE5953C263DC390EAD7B9F253A95584
Requests: 72 HTTP requests in this frame

Frame: https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
Frame ID: FADF1241C2083B00A3927F1F852CA683
Requests: 2 HTTP requests in this frame

Frame: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C5C8A991C3C914B7A6C9DA5D015544B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Frame ID: 2A0579A7FFD45FDF8763F378A5115833
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWB6HT_TcwK8H3dGW3fVVo5AHnOjm7Q3ccDiRR-VwAPv-OHNR01YglZaQocQTnTIEw57y5Zlc96UJPbUVs6PaEnllWBnZeH_ftHx8Fu4J79wUSEipgOuiSEN9iosI9XPgkDhVt-4cGxQuIjk7EkI04UeCAMtC1jQeJlAv5_TzaFbOUfBZgk54OKFwza3Ey64LKxngVfqWYL4Uiyf5vUcTZn54_jf-S_c2mB6rHi8k09FnZzWFEEjMAwnIV9y16Dqb1EPkOx13HOA3Y2DL04qZ_Psij3oKj0OXqFrEd7a8gGc5pJbabVmKj5zhsGCwekzcYtIHyjrnU2hhTyBf8pHbM3glkVofoqA&sai=AMfl-YTq7If_oCkkhtSa_jC2KXEVyb3i0eQmfRSZSgcEvynX7nPJ043Ry8hEBEPagyJWC99iI-JE7BpYtCTrr3DcXtP9vYnpJqjTNgFfBsNQqgywp5lefbOyD6HcpM-idc9StNgg7ZbCJFSV0mzQI6E&sig=Cg0ArKJSzFKGWVnW9E7uEAE&uach_m=[UACH]&adurl=
Frame ID: 90C0F234F6C869189A57A26C949CC3E5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFB2CA3A233CE5A30EE3952DA721EFF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AF8AFDB727BB4D5283B0DC3B8D00D27
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuZuxWQndmOFgvoir3z__rqDfvNBcFBkvViQT6i4XwK55CGznA1IcsnJ_RQIOmryhS-fcPluYwINaBAOtRLScsDt2WkD1yB5-gLZL5Ut5m0cxFFs6RP0CFdzEebXN2WotlAL_yo4HsVeTvX3wMWNO3rtTydUqLt_kVQVwfSbIeWINgv6rU7pPW4zzq2Lx-fMHHYDR8k2HHZj55SFKSWSCHA575_SLRi96e3IQpE9CunTOGUf5MvbetG0KfvPoSL9UhwvyQjsFtNwL6NpJYBNzcfuqRhQ-Ayq7S9NXfMval0K3-S-i8aDu_qVV15bO6M1pQgzH_3bspF7UuVtVgQo08dBkiWPV6WQNiTX9kuGsy0wTDbxVV2K8eKm1d32DYmivGuyCCSroGwqHzmw&sai=AMfl-YTRL8ogri2nPd6tjoek6BQ5Ss5Nuxku62I45bi7UNR8q0F5GTxD4NrdUOgbtMx2G54uUl_2eBm9W18JG9lpHmVHqTrtGI-gCXzPqHyny7LjoBXK2pUFibfUk7XYDA&sig=Cg0ArKJSzFSQuJL9LBy6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CA18E6A81FEA20117D620640125B3120
Requests: 2 HTTP requests in this frame

Frame: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CF34E5A5250E5BB08BBBCBD45E05931
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 81A7D1A9C4CA3E8255F72FBC4E04EE76
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9610AE08873165F6BCFAAC7B60D9F915
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

0tmi52.rar

Page URL History Show full URLs

  1. https://upfiles.com/aiY2 HTTP 302
    https://upfilesurls.com/aiY2?auth=eyJpdiI6IlVPalZ5a2w4L0hKVGY0djkyV2V0VGc9PSIsInZhbHVlIjoieHlESG5GYV... HTTP 302
    https://upfilesurls.com/aiY2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

126
Requests

92 %
HTTPS

64 %
IPv6

32
Domains

45
Subdomains

40
IPs

8
Countries

1843 kB
Transfer

4624 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://upfiles.com/aiY2 HTTP 302
    https://upfilesurls.com/aiY2?auth=eyJpdiI6IlVPalZ5a2w4L0hKVGY0djkyV2V0VGc9PSIsInZhbHVlIjoieHlESG5GYVFVeUN2WjgybW1oOFAvZz09IiwibWFjIjoiOWE4MWIzYzIwNGYxM2YxZTVjODQwMzg1ZjRmZDFlYzQ2MWNhYWMyNGQ0MjA3ODdkZTQxNDNlZDU4YzJiNTJkYiIsInRhZyI6IiJ9 HTTP 302
    https://upfilesurls.com/aiY2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
Request Chain 58
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PpdrJHwzZTlxSTV3ZGFPWjMxbDZ2d0x0V2ZkNTh5d3c5bWN4cnE2VHVEZzlBVWdOZTM4WDExVkNzbWYrUGJaWThtRS9lejZOU0FjY2ZXeVNCVFBxallwcGVGeUNqc2MydjBLOURQanYyeld3bzlXOEZpdjRUOTZWNlRxT2V6N2ZkcWpRKzhIc0s5ai9kRkJ2eW9EYjNYL3F0UG4yUVpLUnVLMWR2N29kWXoxcll6Nk41dHV1NHFFRWU4VTFya1BPNEVaL2ZNK0JrQWVqcjh4Z2JtL3BWVEY1U2FRdGF5R1BHbFdyeng4ZjA0MEs1cGJRVlp4ZTUyTm5JQXdLdnZFUG1OUGRJYlk5Y0dBZWxaSWZLdFJsQmljTDNJUT09fA&cppv=2
Request Chain 99
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC5b6X0O91sQCX5fOdYzbTI&google_cver=1&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9s7SWSE5UBVDrY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MDMxMDgyNzEwNDQwMTU2MQ%3D%3D&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9s7SWSE5UBVDrY
Request Chain 100
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH3zDkxMArV_G40loPQkbrU&google_cver=1&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ&google_hm=eS1LVlBLa0hwRTJwRkxyZElnMnp2Y3ByZ2pTRVF6TFB2Rn5B
Request Chain 101
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDPH3PBVoucNIxL2jm7A9kI&google_cver=1&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDPH3PBVoucNIxL2jm7A9kI&google_cver=1&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE
Request Chain 102
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJVIAOTbamviIvDsNfghwRc&google_cver=1&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hjYVIS4mQpqjYVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3_GxipHyVMdSF-_h-hBmCFFfBSc&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hjYVIS4mQpqjYVs
Request Chain 103
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOjpwEyu7TZlg_7R3SUZ0GY&google_cver=1&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOjpwEyu7TZlg_7R3SUZ0GY&google_cver=1&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo&google_hm=HDFSsGZHODDe0YBORDOea5ZW
Request Chain 105
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELy8df2c42hsHsH6QLpXqJY&google_cver=1&google_push=AaAOQGHEOll1pKENFXkrPtX2O_PgWxaRRzsYeFj0GxtRm5AXx9I8LUwRL_Erbw0-yhhN5OGKKk2w07VeS7fJo87Pw5gukmRtbjfi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHEOll1pKENFXkrPtX2O_PgWxaRRzsYeFj0GxtRm5AXx9I8LUwRL_Erbw0-yhhN5OGKKk2w07VeS7fJo87Pw5gukmRtbjfi HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aiY2
upfilesurls.com/
Redirect Chain
  • https://upfiles.com/aiY2
  • https://upfilesurls.com/aiY2?auth=eyJpdiI6IlVPalZ5a2w4L0hKVGY0djkyV2V0VGc9PSIsInZhbHVlIjoieHlESG5GYVFVeUN2WjgybW1oOFAvZz09IiwibWFjIjoiOWE4MWIzYzIwNGYxM2YxZTVjODQwMzg1ZjRmZDFlYzQ2MWNhYWMyNGQ0MjA3ODd...
  • https://upfilesurls.com/aiY2
28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05fc99c8ba160e9941e197a8928f0362f1e72b3dce58d6b5526eadaad124c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ed14076f88c4d28-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 01:53:59 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r51FZhjMCCtpzTegkuyzm50ac%2BgP%2FE%2FHWcEzi5RPA%2BrmAO7qfayjxOsWf9RJ96SndS4K6Wc6Q8sp%2FFSncd9eNd6tFIUHQUE7rw4WtBXryLebYFTiSMgVRed7LnzSNQMwGcAmc8u%2BUiDQq%2Bm4OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ed140740edb4d28-FRA
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 01:53:58 GMT
expires
-1
location
https://upfilesurls.com/aiY2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9z%2BFIHP1V%2FlArHn7%2FRE%2FKhmouAjCYV4KF%2Bpe1ikzPWSwO08VIQJqtB6JDGf5VyPt7AKHwzNTb3YtaDptes9cHq1JrFJEMTfmVpcr6TIdfpSy%2BuLUr7QNbPnV%2FixOJcxfS9Fk2gk1p%2B%2BlropsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
frontend.css
upfilesurls.com/css/ 		255 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 18:47:00 GMT
server
cloudflare
age
1458993
etag
W/"63a354a4-3f918"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6C%2BjeNWs0oHmODUTJOVLJLmYy0CV7nYwOaaluico4bdE2y0iFzPZvHPKT1Zs6nH%2FHas8nSBtV4YhEwvhgreaNXgqVzvDHvjdYBaOngm7bVwQ08MVCbcD5Gil9mSg0ktPhXCpp8nM5yLEwIDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ed140897be24d28-FRA
logo.svg
upfilesurls.com/img/ 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/logo.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1458389
etag
W/"625014b1-56e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgXB2BtddJFa95FFf%2Bl%2FDZPNj6VL7PdKeFT5iL12BBZFZfE5sOXCnGQfABsOv%2Fmma75GmDK77b4TUZ6o1bMgbOS9YuYFUFYp0TBadBSelTMPUHKBVKatv8RQdnsCR8aSWd1DGpeCqkl6sZxf0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7ed140897be34d28-FRA
menu.svg
upfilesurls.com/img/ 		2 KB
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/menu.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2023 16:39:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1458991
etag
W/"63d009ce-72e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y56rmauqdQ6ihhW%2BeLYfdyyZgTDaigY4lbqYzVWNQSirg5cl4MKvv7mTwJN4YCDdSQmBu%2BWJTv%2B5unnabwcrvPkrvTnxq%2Bpc8wu72%2FcqCKF7lw0IYqdpdXR5lTjJHVbaFC%2FmuERd0YMwjrrxLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7ed1408a1c3f4d28-FRA
34742
cschyogh.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cschyogh.com/1clkn/34742
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.155 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 01:54:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
suv4.js
asacdn.com/script/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asacdn.com/script/suv4.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85d82fc6abc7f8eb2f38636611b6a10f04e7e595aaa401ff80e96e8db24e18d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1707
x-guploader-uploadid
ADPycdui8o7Eou5IEjOg_JQ53wUvTpErs3PQCDx6Btkj5ujrSc7YQJVL4H847J6TvMfEdCVhXzwbezA8htBeNkWjvtfGep7HVSaZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 26 Jul 2023 13:27:19 GMT
server
cloudflare
etag
W/"b511e410a4efb1f986399ba78b715335"
vary
Accept-Encoding
x-goog-hash
crc32c=xAiunA==, md5=tRHkEKTvsfmGOZuni3FTNQ==
x-goog-generation
1690378039051416
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zJgA%2BGiwWTojIhu%2BZaOgSM0U6%2FBooE5OzDGv5XLbcbFNVc4JSBoUOsVVmqduPKI1TwhSSQdrZrYrPIc17eSicYeVee%2BSNCKKyxmaJX8pMtzu1IoOe874aMkzeYaTR6GiVDYozqU1i41"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
142932
cf-ray
7ed14089cbbe371c-FRA
expires
Thu, 27 Jul 2023 02:09:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64c1a6f829c31cd66f3832397d252900819b9782e76dfd7e5a77c197b6363630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27891
x-xss-protection
0
server
cafe
etag
791 / 19565 / m202307200101 / config-hash: 6238320479289362845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:01 GMT
faqs-image.svg
upfilesurls.com/img/ 		37 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/faqs-image.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1458991
etag
W/"63c15cbf-95fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo6iBdp%2FlTC6vLmFbehgPl8NgTT%2FHrTjkAWnol%2FRUXwKSEpymQp%2Fk%2FJ4gLY66hXbNnIfg7mKFD5a9wyp9WorB%2Fhiuo9GWMeBVgmUd%2B3KAxvo3bJZBAgrR9dzfO5L%2FxpmKz%2F1iC5WUZATZ%2F%2B9uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7ed1408a1c404d28-FRA
plane.svg
upfilesurls.com/img/ 		684 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/plane.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1458991
etag
W/"63c15cbf-2ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPMbIPMkOlee3rqmvexxH8V9BDj%2FQer3zQRar8h%2F9EnHg0EvqVCFdRHWueYjDBPV%2BV%2BcL9VhJ%2BwWkIWiJf3wF22EYlpvhmiOs2zAzyFsLHFYNIaVWYDb3eBXuF1YvQ%2FLXdeGHH9EkbIvT0l3HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7ed1408a1c414d28-FRA
ads.js
upfilesurls.com/js/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/ads.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 08 Jan 2023 11:38:01 GMT
server
cloudflare
age
1458389
etag
W/"63baab19-608"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIC9zneb5vf1Gecj3e8QJLeKvR082k1CEK6eTUm6aTn00L%2B4HkcJdlce%2BmEhUb2JhS9sv4qxHQxSFmzTiJQsd53VhnueD%2F8ujKwPTVG%2BagfycFpR0slMNkIiotSSrvdYSPlyg0SN7hRtipq8Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ed140899bf34d28-FRA
frontend.js
upfilesurls.com/js/ 		958 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/aiY2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1458993
cf-polished
origSize=980842
cf-bgj
minify
last-modified
Sun, 08 Jan 2023 11:38:01 GMT
server
cloudflare
etag
W/"63baab19-ef76a"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WChC%2FwOxwlSvF0AllkJ%2F17qKo%2BkVlhz6vNjqvcCqqHsYWLNQ4JdjTJAM0Rc12JmuIY1uRPXblMLRrCcSJ6RA3KuC7y14OnvJzwpQLJxazwtl7O2Inve6ENfeB72DeIMJBaavIFNXSuikxdxsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ed14089ec294d28-FRA
js
www.googletagmanager.com/gtag/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27d2f316915b85da0eec7184baee597496189ee0676808b7d7212bd7ad358851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65903
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 00:05:16 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jul 2023 01:54:01 GMT
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 01:54:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jul 2023 01:54:01 GMT
stattag.js
cdntechone.com/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/stattag.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 08:43:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3989
etag
W/"646736c9-4859"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yXvBcmXNBquWNtrbS7VpK145KAtSQZ1%2Br89kok6HGHbdzXmBoXlcwXtYLIzHUKp0pyfCjTOAmI31LWb4mYEhiHMZpNuH1H0LvN2sTlYC1EdNX3Woi9viIviiGGhGTzZhJ%2BkNrklh7bmP%2FwwAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ed1408a5e1f9bfe-FRA
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152d9475153f107d5b837f32ceb43e3d954944df916b92751c60a04c458429eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H66Z7EWKV71ZCJKTM81QFB8Q
date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
cf-cache-status
HIT
age
62
cf-polished
origSize=4392
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"d296967a310907ae6f4b43e3f049014b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7ed1408a5d1c4d93-FRA
link
<https://live.demand.supply/impl.v17.6.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
timing-allow-origin
*
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:29:18 GMT
x-content-type-options
nosniff
age
41083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 14:29:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 06:14:45 GMT
x-content-type-options
nosniff
age
70756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 06:14:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:32:27 GMT
x-content-type-options
nosniff
age
40894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 14:32:27 GMT
ut.js
asacdn.com/script/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asacdn.com/script/ut.js?cb=1690422841953
Requested by
Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517a7604451ad51e25afeb6e8cc8418ed9c469642956b5bd9ae70781f351adb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
210
x-guploader-uploadid
ADPycdsV9zLbwHkV5JShx216SBzzJ8L1MX02CbKJfvFFKjPqLr_baeQrQOhk6XCrjHxhDbDS3bhAG0uvJoi8AP8Lh0iW0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 10:45:12 GMT
server
cloudflare
etag
W/"0b5eef3daf02d3b72eb76305d17e0ce3"
vary
Accept-Encoding
x-goog-hash
crc32c=B5xgSw==, md5=C17vPa8C07cut2MF0X4M4w==
x-goog-generation
1689763512316268
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQohW61q%2FJWZCCrdI1XGELJHWj%2BS6LQm0FZ59m%2BCiEmt9LEu%2FpG2INMm%2FG3HQkabcoVN5v0tTmLTzva6MYKHvHOfIba6ZZ3gq1JmOquO8KoIYy29bnozoA9SjgqOn%2BWLHUfCknPwMOJG"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82244
cf-ray
7ed1408a3c00371c-FRA
expires
Thu, 27 Jul 2023 02:25:21 GMT
suurl4.php
youradexchange.com/script/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=5890046&chmob=%3F0&cbur=0.9842497653833893&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=0tmi52.rar&cbpage=https%3A%2F%2Fupfilesurls.com%2FaiY2&cbref=&cbdescription=&cbkeywords=insurance%20quotes%2C%20Car%20insurance%2C%20insurance%20broker%2C%20Life%20Insurance%2C%20insurance%20agent%2C%20insurance%20agent%20salary%2C%20insurance%20benefits%2C%20Auto%20Insurance%2C%20dog%20insurance&cbcdn=asacdn.com&aggr=0&ts=1690422841976&srs=2c8c343f272c5a43236839041c794f0a
Requested by
Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B953Tnu4qn7kho86zDTpU2Gly9j1J1TWEv7cH2gN649XwzBU95qANg9bKA%2Bj4dpSBLlzKzcKCFuyr%2BPPbqkdFBA%2BrX9Qo0jAxp7ueZeLZy1UTy66hUzwYW4gjxVvdKqyBe4wz0NUW930PdM5KC7Nq0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7ed1408a9d742bbe-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
arrow-down.png
upfilesurls.com/images/ 		208 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1458386
etag
"625014b1-d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ph6R5nX1juoIPP%2BumC9kBcJ20jma6ICpvx4ahqBkL6JMtYEXkFLc4bWc%2BQHnoz9%2BZIfqmORKPELyWpHOQlqYfEKR50iJvCHk%2BSvjLaQlG2U3bVnk2KTbfi57FCOC4rZ2kOtbR37Plz5K0HUuSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7ed1408a6c724d28-FRA
content-length
208
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:26:14 GMT
x-content-type-options
nosniff
age
116867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jul 2024 17:26:14 GMT
api.js
www.recaptcha.net/recaptcha/ 		921 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bd2a1ba778afb72d4196032aac8a73e7670b0a26050016c69cfb3098e9c9298
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
582
x-xss-protection
1; mode=block
expires
Thu, 27 Jul 2023 01:54:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50586
x-xss-protection
0
server
cafe
etag
17820901003844167559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:02 GMT
invisible.js
upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/ Frame FADF
Redirect Chain
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a1c16e3b473562213cd402c192fb6243a28f0af3c7b810c2ed54f394377a3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mgKFxoj3eV1pJxIRVntSW9RJq1ip%2BjO6c50YupgwkRBpF5hj35Se7TGE2JltukSLiC%2BjEP%2BJV0AUVTR05FF6EmuHpQ3KxhznBdsvZyE2455oZxWUEZM%2BT4j2W7NhPMAvanF536M2jNC1vF%2FWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ed1408aecbb4d28-FRA

Redirect headers

date
Thu, 27 Jul 2023 01:54:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5y5JdeU1Ja5mjtCyk%2FME7MP8JGC7i09hxzxjMG%2BcbU%2B4Q1tdQKUvvFTRZddBEfetrr4P%2FyMWbN5bCGANIur%2F0DSlib%2BIa8OdhFjnb%2BpUY1GrU1mzypORcoXtYPOP7eQE0ozAuR11d5pBJLThQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7ed1408accb34d28-FRA
hb.php
youradexchange.com/ut/ 		0
410 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ut/hb.php?cb=0.4975411776377934
Requested by
Host: asacdn.com
URL: https://asacdn.com/script/ut.js?cb=1690422841953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teuKMomuDD4GnDUxM4B0HIH57AL3pIx9U5n9FwsKGu4XB3jk1Ib6RiY1y5rYoZoroYleu9I0eDuxM1w9Jk98OafHrfoFvDnd%2FQphTbaD6vaRnwWmDqCI7Q17sSsqMyMyTEI9JHndYhYhEV3zAFtdZLw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7ed1408b1b4c5b92-FRA
alt-svc
h3=":443"; ma=86400
add
datatechone.com/log/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 27 Jul 2023 01:54:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://upfilesurls.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
js
www.googletagmanager.com/gtag/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e241f5957f795093ddbb6b531d8be8d7b0106cd1502db616eddef25f07ce1382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77588
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jul 2023 01:54:02 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jul 2023 01:04:39 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2963
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 27 Jul 2023 03:04:39 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 		385 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 15:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
37926
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125319
x-xss-protection
0
server
cafe
etag
4098493636285064892
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 25 Jul 2024 15:21:56 GMT
7ed14076f88c4d28
upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FADF 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/7ed14076f88c4d28
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:475a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ed1408c1d6e4d28-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAgFbcawvkFsVUFYniyHDjibNSaJzXuE%2B7y%2FbPFMzfgiUh4rjUPUBsqEuECA7S%2F2y7SMcBD4FNHWynpJrpAeLqiAQE2avlPJMtZodqyTNaUYU8n623clMgH61eTrGJphiBhKeNkOkkzyh8fiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 		431 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e27703e946570d7724c7f7575d539d8d9f743918bd185604b3d8164c7da77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 19:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177542
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 19:50:29 GMT
impl.v17.6.0.js
live.demand.supply/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.6.0.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc13cf22cb2021f0caff5ffa87bf8e5ebf57f2f3958c276708cbd4d09a0cb10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H66Z7C1NWH0MBYRPV4SPDZHD
date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
cf-cache-status
HIT
age
119133
cf-polished
origSize=82893
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ff8dca79b04c9235878a5645aa326146-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7ed1408c3e434d93-FRA
dXBmaWxlc3VybHMuY29tLw==
live.demand.supply/p4/v16-10-0/ 		984 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d32cb07159c055ba4b71dd1388181587a5550f36aa0b9b54ce2827cb54459891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7ed1408c3e444d93-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=272&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:02 GMT
cf-cache-status
HIT
age
164010
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1408c4d439bec-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dd64ce6b307e873a097aa0c527cf176dbd82873ef73ef8966b7e69f42a3c8bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27913
x-xss-protection
0
server
cafe
etag
268 / 19565 / 31076422 / config-hash: 6238320479289362845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:02 GMT
dXBmaWxlc3VybHMuY29tL2FpWTI=
live.demand.supply/p4/v16-10-0/ 		984 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d32cb07159c055ba4b71dd1388181587a5550f36aa0b9b54ce2827cb54459891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7ed1408c3e454d93-FRA
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H3WARCGAP9S1PZNMDZZDWFAH
date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
652644
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7ed1408c4d429bec-FRA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1902564815&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FaiY2&ul=en-us&de=UTF-8&dt=0tmi52.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1440993527&gjid=80580673&cid=1080496972.1690422842&tid=UA-197252557-1&_gid=1456691753.1690422842&_r=1&gtm=457e37o0&jsscut=1&z=1986737229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-75C4L64NEB&gtm=45je37o0&_p=1902564815&cid=1080496972.1690422842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690422842&sct=1&seg=0&dl=https%3A%2F%2Fupfilesurls.com%2FaiY2&dt=0tmi52.rar&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 26 Jul 2023 02:28:50 GMT
x-amz-version-id
null
Via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
84313
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
G7PQeRLHDOL-5eqJjJh6KRJZHJgxJirEz-zTe7c5sJPN6zi-YED0YA==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jul 2023 01:54:02 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
83982
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
wCvXH0xemZ_NPXz4RJi0kYEPFocBJd_R8j352D8BtjG07e20LwhHlg==
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
KQFF0FWPP4C17CP6
age
812
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ed1408ccd68195e-FRA
x-amz-id-2
8HczqSS59NC5+bMgvklOJToJ5CbRskupftalLHCw5wQPI4bAuQkMqhcD6kfepdHSTAjOpZlv/QM=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28597
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7HhDWK0FZinws27MS6eVZ7hlb0lIcyy5JnfVotuEL0kZatbuiGt8BeST5gbaC20Vr1b1JQiqLv2Jzb4fChiULY5IW03XlGWmWL2aYW3pkFirBUifbUfvdO1a0eIAjQxYmkLTyqQpbeR%2Bm5NXAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ed1408cea8d2c23-FRA
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
9a953465165acfddd81a1d9621dd64db
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=4297889377022258&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3273233675&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690422842344&lmt=1690422842&adxs=400&adys=281&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28ab9d0791a459825c7eb5be6eda43e091972bef3df5d00d83fa3c7e70571f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24137
x-xss-protection
0
google-lineitem-id
6282713890
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430325756
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=4297889377022258&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3273233668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690422842351&lmt=1690422842&adxs=400&adys=595&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd598e0d8f2a2ff5cc12216b09eb5fe4ec981410caae7f7133f3af2d31740a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=4297889377022258&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3273233670&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690422842354&lmt=1690422842&adxs=400&adys=927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d34046377ac7f5fda045b87e068949248b725a1e287ef8f3556aa904039d509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C5C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 01:54:02 GMT
expires
Fri, 26 Jul 2024 01:54:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/x/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H39S2TBD5AD2SX1J03SM71A5
date
Thu, 27 Jul 2023 01:54:02 GMT
cf-cache-status
HIT
age
1312431
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1408cedc29bec-FRA
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://upfilesurls.com
date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.97.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
db9175a8c0f7ec17749bf2951287c5e688ebc5b3aa1ef1599abff3b2fd6d71a3

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache
x-server
10.45.12.156
access-control-allow-credentials
true
content-length
60
expires
0
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
09a4ff7262551384929c748fd6018d77cda65600c2083b2dcee91d474b2c4f11

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
d72b67c68c92c2039321e4fb68885cd2
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://upfilesurls.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://upfilesurls.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 27 Jul 2023 01:54:02 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
f9af84bea00c63b1f66585e727304172
upfilesurls.com_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		29 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/upfilesurls.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d1395e2be59ef0e21d1ed69ebe2f4f375be9e3305f6748f859bfe68034f8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7ed1408d1de29bec-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=453249564764336&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C044293ce-89b1-498a-9bcf-8275878b2c1e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3902365316&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D5b02c4c8-ecc1-4127-92cc-2326200a1021%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690422842425&lmt=1690422842&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4qe2qJkxSABSAghkEhkKCnB1YmNpZC5vcmcYpai2qJkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOKntqiZMUgAUgIIZBIXCghydGJob3VzZRjip7aomTFIAFICCGQSGQoKdWlkYXBpLmNvbRjip7aomTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOKntqiZMUgAUgIIZA..&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
967b5442df0d412aee27b421dbdbec62424ddce39269adec979a21c1137e34f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
622
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 13:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
45020
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13167
x-xss-protection
0
server
cafe
etag
17457124678373541327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 25 Jul 2024 13:23:42 GMT
syncframe
gum.criteo.com/ Frame 2A05 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 01:54:02 GMT
server
Kestrel
server-processing-duration-in-ticks
229632
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2A05
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=PpdrJHwzZTlxSTV3ZGFPWjMxbDZ2d0x0V2ZkNTh5d3c5bWN4cnE2VHVEZzlBVWdOZTM4WDExVkNzbWYrUGJaWThtRS9lejZOU0FjY2ZXeVNCVFBxallwcGVGeUNqc2MydjBLOURQanYyeld3bzlXOEZpdjRUOTZWNlRxT2...
417 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PpdrJHwzZTlxSTV3ZGFPWjMxbDZ2d0x0V2ZkNTh5d3c5bWN4cnE2VHVEZzlBVWdOZTM4WDExVkNzbWYrUGJaWThtRS9lejZOU0FjY2ZXeVNCVFBxallwcGVGeUNqc2MydjBLOURQanYyeld3bzlXOEZpdjRUOTZWNlRxT2V6N2ZkcWpRKzhIc0s5ai9kRkJ2eW9EYjNYL3F0UG4yUVpLUnVLMWR2N29kWXoxcll6Nk41dHV1NHFFRWU4VTFya1BPNEVaL2ZNK0JrQWVqcjh4Z2JtL3BWVEY1U2FRdGF5R1BHbFdyeng4ZjA0MEs1cGJRVlp4ZTUyTm5JQXdLdnZFUG1OUGRJYlk5Y0dBZWxaSWZLdFJsQmljTDNJUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8fe1349b6a8ec3aa31b0fc8bf40a2081f2b45fb1d5511d46c4e36fdb25805602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1130155
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PpdrJHwzZTlxSTV3ZGFPWjMxbDZ2d0x0V2ZkNTh5d3c5bWN4cnE2VHVEZzlBVWdOZTM4WDExVkNzbWYrUGJaWThtRS9lejZOU0FjY2ZXeVNCVFBxallwcGVGeUNqc2MydjBLOURQanYyeld3bzlXOEZpdjRUOTZWNlRxT2V6N2ZkcWpRKzhIc0s5ai9kRkJ2eW9EYjNYL3F0UG4yUVpLUnVLMWR2N29kWXoxcll6Nk41dHV1NHFFRWU4VTFya1BPNEVaL2ZNK0JrQWVqcjh4Z2JtL3BWVEY1U2FRdGF5R1BHbFdyeng4ZjA0MEs1cGJRVlp4ZTUyTm5JQXdLdnZFUG1OUGRJYlk5Y0dBZWxaSWZLdFJsQmljTDNJUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
193644
content-length
0
expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50588
x-xss-protection
0
server
cafe
etag
17958460986891997402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dbf63fb40cf84b72bc49f1d08dc296f47fead2ca5eb344c5486040fd1968113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11860
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 01:54:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 90C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWB6HT_TcwK8H3dGW3fVVo5AHnOjm7Q3ccDiRR-VwAPv-OHNR01YglZaQocQTnTIEw57y5Zlc96UJPbUVs6PaEnllWBnZeH_ftHx8Fu4J79wUSEipgOuiSEN9iosI9XPgkDhVt-4cGxQuIjk7EkI04UeCAMtC1jQeJlAv5_TzaFbOUfBZgk54OKFwza3Ey64LKxngVfqWYL4Uiyf5vUcTZn54_jf-S_c2mB6rHi8k09FnZzWFEEjMAwnIV9y16Dqb1EPkOx13HOA3Y2DL04qZ_Psij3oKj0OXqFrEd7a8gGc5pJbabVmKj5zhsGCwekzcYtIHyjrnU2hhTyBf8pHbM3glkVofoqA&sai=AMfl-YTq7If_oCkkhtSa_jC2KXEVyb3i0eQmfRSZSgcEvynX7nPJ043Ry8hEBEPagyJWC99iI-JE7BpYtCTrr3DcXtP9vYnpJqjTNgFfBsNQqgywp5lefbOyD6HcpM-idc9StNgg7ZbCJFSV0mzQI6E&sig=Cg0ArKJSzFKGWVnW9E7uEAE&uach_m=[UACH]&adurl=
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/aiY2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 01:54:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 90C0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 05:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
71957
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 05:54:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 90C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
25395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:50:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90C0 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:02 GMT
811511909485606589
tpc.googlesyndication.com/simgad/ Frame 90C0 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/811511909485606589
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:31:44 GMT
x-content-type-options
nosniff
age
40938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55229
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:45:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 25 Jul 2024 14:31:44 GMT
truncated
/ Frame 90C0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a94c427e00f0c40e74fbc0aa0569e89518ee3dea4dc099abb59101ea28e070a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFB2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
56720
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jul 2023 10:08:42 GMT
expires
Thu, 25 Jul 2024 10:08:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4AF8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad77911d73415a9bda702c9305b878f77ad985c6ccab5a68e24ad78236c22859
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8BJkq3RhGYND3xIkCTLTOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-8BJkq3RhGYND3xIkCTLTOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 01:54:02 GMT
expires
Thu, 27 Jul 2023 01:54:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame CFB2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 06:11:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
70970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 06:11:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4AF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=2728538113478734&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:02 GMT
cf-cache-status
HIT
age
164010
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1408eeefa9bec-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		972 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=2888885730799533&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C8218a573-db51-4303-a715-73cced357d63&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=655150013&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D5b02c4c8-ecc1-4127-92cc-2326200a1021%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D2837264cd01537d4%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MZiFXiTJ5u3wx4ZyIftN1ttnuZHSw&gpic=UID%3D00000c47b2a62fcd%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MalbwFssSVt327ik95VM8zznndKWQ&abxe=1&dt=1690422842710&lmt=1690422842&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4qe2qJkxSABSAghkEhkKCnB1YmNpZC5vcmcYpai2qJkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOKntqiZMUgAUgIIZBLCAQoIcnRiaG91c2USrAFkcGVoaEhSVzRXRDlzUWt5S2lzem5lQmRTenVOaHo0emUxUWppWld2WndnSkx5VHdMbG5LMDUwSk1MRU5TNWNFV1RaWXFGQWxYS0VsU0lWYU1IbUNlUW1GQ3lLWUpvd2luZHZuMUR4cDhoNU9yTVZBZERnaklpUHN5KzVENDh4Y2ErZnlBa1pDWDltMDUvQTVDMUd0MHY2dEJFN2pHU0VwSE1NdnVIbUIzaFE9GKmptqiZMUgAEhkKCnVpZGFwaS5jb20Y4qe2qJkxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjNqLaomTFIAFICCGo.&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b394c3e04c0de586bcc6f0743e101cf25620c93eedb2ca2578a4d56e1f39e82c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pdc=0.3301938056945801&ucv=null&e=tcp&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:02 GMT
cf-cache-status
HIT
age
164010
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1408f1f249bec-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H4B84TTR0HYCCB4BQBXB73YW
date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
2068165
etag
W/"c7e963c0d989e2de7e1130bf3281bc3e-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7ed1408f2a882c22-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H39S2TBD5AD2SX1J03SM71A5
date
Thu, 27 Jul 2023 01:54:02 GMT
cf-cache-status
HIT
age
1312431
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1408f2f269bec-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=2434817544226980&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C09dea4b7-b301-4406-9573-8ca469e4fde9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=1444295116&sfv=1-0-40&prev_scp=ti%3D5b02c4c8-ecc1-4127-92cc-2326200a1021%26chrand%3Dy%26pof%3D0%26bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D83&eri=1&sc=1&cookie=ID%3D2837264cd01537d4%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MZiFXiTJ5u3wx4ZyIftN1ttnuZHSw&gpic=UID%3D00000c47b2a62fcd%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MalbwFssSVt327ik95VM8zznndKWQ&abxe=1&dt=1690422842756&lmt=1690422842&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4qe2qJkxSABSAghkEhkKCnB1YmNpZC5vcmcYpai2qJkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOKntqiZMUgAUgIIZBLCAQoIcnRiaG91c2USrAFkcGVoaEhSVzRXRDlzUWt5S2lzem5lQmRTenVOaHo0emUxUWppWld2WndnSkx5VHdMbG5LMDUwSk1MRU5TNWNFV1RaWXFGQWxYS0VsU0lWYU1IbUNlUW1GQ3lLWUpvd2luZHZuMUR4cDhoNU9yTVZBZERnaklpUHN5KzVENDh4Y2ErZnlBa1pDWDltMDUvQTVDMUd0MHY2dEJFN2pHU0VwSE1NdnVIbUIzaFE9GKmptqiZMUgAEhkKCnVpZGFwaS5jb20Y4qe2qJkxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjNqLaomTFIAFICCGo.&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8d47800c94e160acecdd806969261d3223fd925b2b689ff1818db95be700828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12087
x-xss-protection
0
google-lineitem-id
5564061269
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 90C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui8zeCfvj6LK4RQxXEg4tkqeNelS4KEMwkN96F7cgLNgZMt8I_LhWToqKXdLcw0zj96ej7-c0iHk8jCMWG5oDgC9Ui7PRCc37sXZkZGundKJHQBoDsDBxY3ZWbosrZ5uh4pr_Aqzgu_Ae8TFzXh6BrvruSeFpXtLhR_abU-ymHcuHWOUggNtGaeDYdTo6gon6hk91bq--nBCb_bxRp8Eo5JpEd6eMBQuFHURyoqEqcWac8kRlWjiRA66d5l9sU4sGO6-utEdFQqk5q_dUbOHrw9XtPMdUcX6MLxfY1HiwxBAMD0y9COGEmwjpSCmpYzUAMqSlPtd6ftfTxIL-dYz5gLMzdEzgTrKxb&sai=AMfl-YQLnXnjE--4I99Vocp97vZJac8q-CeGZsg24E67HUPNU2Uyxv5NUn2n2LnvQquF2-uSzhYCEhkjh_Ln8hY_-8lLPOyV87DfzCn_UFR3ebJbOoTYXg1VHwYAyi0tLOil-zFFPAwzllc7KX2irhU&sig=Cg0ArKJSzKCUhpXorQX2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 01:54:02 GMT
generate_204
tpc.googlesyndication.com/ Frame CFB2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cpoccw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:03 GMT
cf-cache-status
HIT
age
164011
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed14090a83c9bec-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		972 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=3271302950732804&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C924bb2f9-87c6-44fc-98aa-87c9fd0ebc73&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&adks=2177133344&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D5b02c4c8-ecc1-4127-92cc-2326200a1021%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D885561652d08a508%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MaG0RLaexsF6c7wLwamwuuLdLJJvg&gpic=UID%3D00000c47b2fff58c%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MY-0EhEWzCqeXdbjmx5_nq0bauInA&abxe=1&dt=1690422842991&lmt=1690422842&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4qe2qJkxSABSAghkEhkKCnB1YmNpZC5vcmcYpai2qJkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOKntqiZMUgAUgIIZBLCAQoIcnRiaG91c2USrAFkcGVoaEhSVzRXRDlzUWt5S2lzem5lQmRTenVOaHo0emUxUWppWld2WndnSkx5VHdMbG5LMDUwSk1MRU5TNWNFV1RaWXFGQWxYS0VsU0lWYU1IbUNlUW1GQ3lLWUpvd2luZHZuMUR4cDhoNU9yTVZBZERnaklpUHN5KzVENDh4Y2ErZnlBa1pDWDltMDUvQTVDMUd0MHY2dEJFN2pHU0VwSE1NdnVIbUIzaFE9GKmptqiZMUgAEhkKCnVpZGFwaS5jb20Y4qe2qJkxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjNqLaomTFIAFICCGo.&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d281e86c52d60627844dbc046dd17f6dbb9053ca08b24dcf84d1de3d9fe68848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
472
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CA18 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA18 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728538113478734&correlator=3742744152186552&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C442c7285-9bff-4435-aac6-7d5249177d41&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&adks=1775280552&sfv=1-0-40&prev_scp=ti%3D5b02c4c8-ecc1-4127-92cc-2326200a1021%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D83&eri=1&sc=1&cookie=ID%3Dd3b4e9ac0057109a%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_MYCLInuTFHEE70mWZ6vBL3mlpQJEg&gpic=UID%3D00000c47b2e5da6a%3AT%3D1690422842%3ART%3D1690422842%3AS%3DALNI_Mb1NMzX1mjvtzQ9CiMiWLd9REqRRQ&abxe=1&dt=1690422843010&lmt=1690422843&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FaiY2&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1080496972.1690422842&ga_sid=1690422842&ga_hid=1902564815&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4qe2qJkxSABSAghkEhkKCnB1YmNpZC5vcmcYpai2qJkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOKntqiZMUgAUgIIZBLCAQoIcnRiaG91c2USrAFkcGVoaEhSVzRXRDlzUWt5S2lzem5lQmRTenVOaHo0emUxUWppWld2WndnSkx5VHdMbG5LMDUwSk1MRU5TNWNFV1RaWXFGQWxYS0VsU0lWYU1IbUNlUW1GQ3lLWUpvd2luZHZuMUR4cDhoNU9yTVZBZERnaklpUHN5KzVENDh4Y2ErZnlBa1pDWDltMDUvQTVDMUd0MHY2dEJFN2pHU0VwSE1NdnVIbUIzaFE9GKmptqiZMUgAEhkKCnVpZGFwaS5jb20Y4qe2qJkxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjNqLaomTFIAFICCGo.&dlt=1690422841829&idt=485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de373a79f25cddd09e80171923848465c733cfa77eea0910e002f0e6c1498958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15815
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:03 GMT
cf-cache-status
HIT
age
164011
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed1409279649bec-FRA
container.html
524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CF3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 01:54:02 GMT
expires
Fri, 26 Jul 2024 01:54:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.3301938056945801&ds=true&e=wdp&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:03 GMT
cf-cache-status
HIT
age
164011
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed14092a9a09bec-FRA
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=upfilesurls.com_auto_728x90_sticky_display_bottom&sy=cbb2b79a-0b80-4c75-b2d2-3275ed84add8&ts=83&cd=2&pud=272&pus=c&pue=3983&pid=101&pis=c&pie=4144&ppd=187&pps=a&ppe=4230&pcl=3830&ttc=4201&tti=5088&ttif=0&lca=4230&lcak=ppe&lct=4230&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=5b02c4c8-ecc1-4127-92cc-2326200a1021&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tL2FpWTI=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id
01H5Q10KS7T7XS4B15HXS5KD9Z
date
Thu, 27 Jul 2023 01:54:03 GMT
cf-cache-status
HIT
age
164011
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"46f47d652033caa436f550f7e8b20e7f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ed14092a9a39bec-FRA
afr.php
ads.eu.criteo.com/delivery/r/ Frame 81A7 		142 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92f55847f9411a15c386e3ffc9175e61d17c2bcf4e96be91ece253cb3ce8340d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 01:54:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dt8aebywRKU9nF91RPyfD_i3UWWkDmdRiTE28fxiPrW69tV-VkXs7F4IT24sa7_Omi3CmBXe4MgiB_o1nnEWrSNRTk1caZagflxl4_g3iVwOQoWQQ-wbgS6sv7h9F96HiOidqKJU-XUMfT9wHszCgjgydyJFCt_ztZ4NZaATrgIrzZlhkpU-jjgkF1LLoz3UxY-ck8vngiO4LgNmLxeUuFxssmU0gTIzi3K3pQ9lEGABMViZf36wNP5r-Bo"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
39780650
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 1CF3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
25396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:50:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9610 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72023
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jul 2023 05:53:40 GMT
etag
48472445140208031
expires
Thu, 27 Jul 2023 05:53:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 1CF3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
39737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:46 GMT
l
www.google.com/ads/measurement/ Frame 1CF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQv1DSqD26x3hu95eIdFi-cu3sKoyJxe8QunjpQtJs-jmEpxjxdN2YMp9vkoN49duu7p3VwLOjIwdRgoZXYLwvX2BUTOA
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1CF3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
5752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Jul 2024 00:18:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1CF3 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:54:03 GMT
truncated
/ Frame 1CF3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45017bbf97e2cff13680353440e55e3a5e3a565c53b0ab3423fdd23a8ac309d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 9610
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC5b6X0O91sQCX5fOdYzbTI&google_cver=1&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MDMxMDgyNzEwNDQwMTU2MQ%3D%3D&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9s7SW...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MDMxMDgyNzEwNDQwMTU2MQ%3D%3D&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9s7SWSE5UBVDrY
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MDMxMDgyNzEwNDQwMTU2MQ%3D%3D&google_push=AaAOQGHuPXc-s1wAxorw4RldCZDm9QjbnVW_Fv1Pz0idq8N2ZLP5SAXrfXx2Wzp576ChHi7Zurlq6jjcnjyxh9s7SWSE5UBVDrY
Date
Thu, 27 Jul 2023 01:54:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9610
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH3zDkxMArV_G40loPQkbrU&google_cver=1&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ&google_hm=eS1LVlBLa0hwRTJwRkxyZEln...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ&google_hm=eS1LVlBLa0hwRTJwRkxyZElnMnp2Y3ByZ2pTRVF6TFB2Rn5B
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG-uvgCdn4n_y9N3uteVJTJZFeCUlJZATGPBJQJ0CDNBZMiDhSvrSOEILvPl8XTE3-c2NxeS8Wgdwcww0nxc7YjlzP3iQ&google_hm=eS1LVlBLa0hwRTJwRkxyZElnMnp2Y3ByZ2pTRVF6TFB2Rn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9610
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDPH3PBVoucNIxL2jm7A9kI&google_cver=1&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbIt...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDPH3PBVoucNIxL2jm7A9kI&google_cver=1&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjb...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFV5t39IoZtl05DE3X_bUETyNZMmdtItKKkG_cNal24mZEsgw2-00j_CDo_PD79dFHoUqebZtiGGuX4ekldAhsjbItB3gE
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9610
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJVIAOTbamviIvDsNfghwRc&google_cver=1&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hjY...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3_GxipHyVMdSF-_h-hBmCFFfBSc&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3_GxipHyVMdSF-_h-hBmCFFfBSc&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hjYVIS4mQpqjYVs
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3_GxipHyVMdSF-_h-hBmCFFfBSc&google_push=AaAOQGH4naS1Kx-ExrR4WC4CmKiL99JB-JNXw2I63sDINforLVTcx2QcgMzzYbN5oPBaeLFv5umNDOXMSZe8hjYVIS4mQpqjYVs
Date
Thu, 27 Jul 2023 01:54:03 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9610
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOjpwEyu7TZlg_7R3SUZ0GY&google_cver=1&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOjpwEyu7TZlg_7R3SUZ0GY&google_cver=1&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo&google_hm=HDFSsGZHODDe0YBORDOea5ZW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo&google_hm=HDFSsGZHODDe0YBORDOea5ZW
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jul 2023 01:54:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEWCHvmoelRRrY7b8PUzrIY0HgK3lKA4VhPCm4uqrDhvcPYeRb4ZLTP0y4YZJRUE_qsPOJ9pyNAkn5ErlnBqoP22JNfNPo&google_hm=HDFSsGZHODDe0YBORDOea5ZW
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
cc.adingo.jp/adx/push/ Frame 9610 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEOTGMn7nzx_xR3BTXHBE2VA&google_cver=1&google_push=AaAOQGE73xOipRYh1w6CgzXLQ91_b18zqkvAsWTE55YicFWNHmvF_PJqWDDgpb9zDcrvBGXfYtG7nR11GY37QWP1TU7jm_L2mA
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-169.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
server
awselb/2.0
/
onetag-sys.com/match/ Frame 9610
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELy8df2c42hsHsH6QLpXqJY&google_cver=1&google_push=AaAOQGHEOll1pKENFXkrPtX2O_PgWxaRRzsYeFj0GxtRm5AXx9I8LUwRL_Erbw0-yhhN5OGKKk2w07VeS7f...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHEOll1pKENFXkrPtX2O_PgWxaRRzsYeFj0GxtRm5AXx9I8LUwRL_Erbw0-yhhN5OGKKk2w07VeS7fJo87Pw5gukmRtbjfi
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9610 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-_zYE0utsaVQnqrUwAvavYN8tDcryvQKiXPJRaEFm9_EsJp6P2OqjieObx9LJPkbVTu2ewQ
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=2728538113478734&bg=!BwSlBFDNAAZGOVy5Zjk7ADkAdvg8Wrfl_CTrbz7GPWr-LQ9PHtLmEbjYDbyWSE8ZkkMm847oNScNqSubYoLidMixEe8SAS9UirACAAAAt1IAAAAIaAEHmQKkr5umXAcXRm6aj-vMIHbNcBR6gFfTxqbaDVvRYLNd0XX7EpcpKlOpgT1EYhHbD7I3eEXTUJg-zgpfjmdOE2DmH_KSX6q8MAQNKwbgOuDV6caZS1z8SJeEFyVhAlD7Bt8LsB1NX5s3jiIqBpQSwqmlqy9__rzodPQFKIhfg42qJ9jBOHuP7bfTDi0wvhnQKKvsaxiCfFC0JmQCxizLAjuChWdmEQb8e1MAL8TIpVg8AJDqBwwnhoV7Nl-rvbxP3gKTEckmrko3IW0caSarnb14qfOopuKZYUvsqSETUnqTJi7asBa2ypa_b2fx524l-Ixj53NR0YvHJhz2afI57xLtrErdEEE5bFt1Kab3ntZHK3pMJ6-vOl7xxe4O8b1Ly78GPRUkWQOF4IiHDKmfWWBkRklVLz0r6ItA5K1Xo4YWBwt8COtvkQXgi4M1Gec2FQswYwvc4hZshODL3cu90C-FQb1fiXy2aiUYk_ZzRJgn0rzxWzsFBwVNpphFPWzCYdb21ysLXtUwUgSr-UvEF7FURLEsuEf8m-EEkBxctQ2oy046GtVV_vwGJc87YNllRWDS7zBZYGrKRbVlSdciZ5yPSk-ITKOfOOLeDmUjE6y7c33ZCbkYrpknCxxcbmB0qhl0W_mAqLruzRzq4JPUSSBjegup61gxH569MDVjyJk24Q-u-HJnu6Wpmk2t-1IVY5QV2dqHA8FCbfLV0V42Ciwb_QSvhedbnVoyV8c_bABnEfSAr2MZYGllw5r6P0qWe14m9-7bcZGOao_dog2taruvwOnF0j7vgexoCfx5JWe9ZgDs2IOvR8j-w26Gk7kQZgo0nvSO2GGW_VE_Ixr57yko3vPJKMReyBmyzSZmkqHAm0joROXY0w2GA48wwWljPSHdpR_5Lg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame 81A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Jul 2024 01:54:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 81A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Jul 2024 01:54:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 81A7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 21 Jul 2024 01:54:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 81A7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 21 Jul 2024 01:54:03 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 81A7 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pRUl0h27hgQk1rcouJi-WLFat6V3qMUcX3ZnzH6_Tc5b22JSus8rOrEJgdjCbaJkmDGt5W7jTrn7C1Quq3-3a4PQlknq8XntGs-QzRstcEiJUN5Q8lIIRkq79XupdWKBNmnP5_GMG0V3GvOx2KA3UEUbesa8-uZu78hWVRQhnI_AZTFLVLFQQuODod9yfjTR6R17uQSjZNC2WgxqV_Qf83SqP8g--qbhfxZARaVw_CaHRvCBBuOcxoDdMhQBpEM9CX4zZPB2B6w91B9wU5D--jC9rhadMruiLe-Xjgy3kfeYGn1d8cHgCCeNl3vQ_XLIWLOoblwpM0LN1wdFt_NhNa7AfSx-lrEeUB8Hto5YFOx1xme2hdCF98v8syprlzN1q1D5c0OC2NMvcP8u4QIYUasKVDw5HrHO4ph-oZL4gREGAJcI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2658792
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 81A7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Jul 2024 01:54:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=61727&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F61727%2F190923%2Fa51e4fe8f3bc4e1180f54c113ba6278e_logo-mecalux-1000x500.png&v=3&w=256&s=4mxYzCVyBuZ69v-wpaaMHRlC
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4c9c788fb8641d3c1591a9a292db46b6b903f8551ddb541cc5fd0255cce467e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
8206
expires
Tue, 11 Jun 2024 01:34:58 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Festanterias-cantilever.jpg%2Feb6c513d-c3c8-39ec-1074-df25b5155fcf%3Ft%3D1567503764426&v=3&w=400&s=Dwu6b1lMKrUnozPeF2S_Blfg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f36203940a41f538526a4c842bc182e633b81a95ecb47daf5452284b14978850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
61318
expires
Thu, 13 Jun 2024 06:45:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Festanterias-palets-convencionales.jpg%2Faab71722-6479-28c6-c298-5bdfacd850be%3Ft%3D1567504239685&v=3&w=400&s=SSBL48Lx8jObzuzMruWLAk88&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42e947fee829de6db2e8af8a3e4f27b6cda605e621689230fddc0d21671c574f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
50540
expires
Thu, 13 Jun 2024 06:45:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Festanterias-moviles-palets.jpg%2F34dd5b68-af95-23b8-0415-f2464e7ac790%3Ft%3D1567503768333&v=3&w=400&s=RtDt1mT2bbusSWpRTVP03aXL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f8205d11d4a19b0372f8dbcca7a12bcd1b94509e0f8112f94cace2849b1dd02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
43158
expires
Thu, 13 Jun 2024 06:06:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Fsga-software-almacen.jpg%2Fb0a6c880-6ad2-48d4-9310-a4adb59b30f2%3Ft%3D1567504243010&v=3&w=400&s=nxdjUEVtKQtRJ4KQdwr9z5ep&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8efc201705288f2fe50ba22bf760aa0109c3055bc4d388d64651ea36ee1232ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
38704
expires
Fri, 14 Jun 2024 08:47:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Fautomatic-trilateral-stacker-crane.jpg%2F29c336ac-a8e2-f4db-637a-463c57d58828%3Ft%3D1567506575863&v=3&w=400&s=KSHPo6GIlkZtfAheyd8Vdor9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ea62619b86e65ff4c7ca1a71a00ee098fd9d7dcf80a8c11c882501ad04db69bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
100356
expires
Thu, 13 Jun 2024 08:10:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 81A7 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=61727&q=80&r=2&u=https%3A%2F%2Fmecaluxde.cdnwm.com%2Fdocuments%2F20197%2F5297963%2Ftranselevadores-palets.jpg%2F04536b1b-88fc-c7de-c928-7ba6f86fd17f%3Ft%3D1567504236904&v=3&w=400&s=ZBmRb9NCV8zQ1Xk9m1AZ4z0E&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b02957f01f9de4cc18f6d32c0e979a7bb1e2d39fcaf4ddddaf785b92e2cadb63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
50184
expires
Thu, 13 Jun 2024 07:01:11 GMT
all
csm.eu.criteo.net/ Frame 81A7 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dt8aebywRKU9nF91RPyfD_i3UWWkDmdRiTE28fxiPrW69tV-VkXs7F4IT24sa7_Omi3CmBXe4MgiB_o1nnEWrSNRTk1caZagflxl4_g3iVwOQoWQQ-wbgS6sv7h9F96HiOidqKJU-XUMfT9wHszCgjgydyJFCt_ztZ4NZaATrgIrzZlhkpU-jjgkF1LLoz3UxY-ck8vngiO4LgNmLxeUuFxssmU0gTIzi3K3pQ9lEGABMViZf36wNP5r-Bo&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 81A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Jul 2024 01:54:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 81A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Jul 2024 01:54:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1CF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGnAfO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSbAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1f9ymNjO0y8KwPqeEUZtZsXQIuqlEV_FAtsW4xDES5pqw_SvdS3rgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=PGsX8K59djA&uach_m=[UACH]&cid=CAQSPABpAlJWqajddLTyXrtAI2PzPxqw4r4tnV5FlvC356LLVHWoMcan5G2Ttt7p33L94nfEsqC11ho_T824dhgB&cbvp=2&vis=1
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 1CF3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOiwC-zZW9gFWp2DYgICAAAAehsU7mqCfbIQOs7BZF6--38MZ4txDKoAABIAAAoKQVFVQkFRRUJBUQ&wp=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&cbvp=2
Requested by
Host: 524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 01:54:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
151944
server
Kestrel
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 90C0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJNeVtd5GzQI3loCDsldO7plcVcU3OvpNzL7hMfEPPTwkDm6clVw9EFYFsds7jfPlBCXaX7WppYQvwZsbXR3stOUI0U2vRL65RqX1B29rrU12tuxt2&sig=Cg0ArKJSzJHC03F1CK6UEAE&id=lidar2&mcvt=1000&p=281,650,531,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3273233675&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690422842578&rpt=215&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 81A7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dt8aebywRKU9nF91RPyfD_i3UWWkDmdRiTE28fxiPrW69tV-VkXs7F4IT24sa7_Omi3CmBXe4MgiB_o1nnEWrSNRTk1caZagflxl4_g3iVwOQoWQQ-wbgS6sv7h9F96HiOidqKJU-XUMfT9wHszCgjgydyJFCt_ztZ4NZaATrgIrzZlhkpU-jjgkF1LLoz3UxY-ck8vngiO4LgNmLxeUuFxssmU0gTIzi3K3pQ9lEGABMViZf36wNP5r-Bo&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMHOOwAArlMIEfdfAAShg7H1eiEEP7nVJdMMow&u=%7CAdbo2zLI0KZc0S%2F604qayrUS8tTBA8W%2B%2B%2BtoNXU0vyQ%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOXmW9UoUGT_GI2b2B5z8aCCSQ8cGgUlmWsE3tXK1zgXOkLDLob2o4sprENgqUcdxAT1g9vQgSRXyiZVikxdZ7UCQGpy0kIQvXpc1qq7N4lykhoecp_VbyhU6kqtmKpyorxpoxEfWaIYKXSvN8Y9yNb4xS1eH-5OwOIXzPbt-9q-KwfLas1D1umd_SCgjdMRdZVqma16elZQq1i5Nj3phrQXmv7fMvM-yUQX4szTXnE5ThPWm9cRoXUQ7UEQu4dT7vftKZWDGR6arrFvNed_cBff-l3biFMCzzm2OzJ4GVqcnrwadn27cjTniQnuABHx_vTIPlOhT-UtWB-cmcbiaIR6MX6pSHdW-bRVZ4mMfHStHpLYT0kcYKUvmmCjetmO5Nvf15C46d_AhlS3UvIOT35K_RKIj8SlMScHvbU6tZBzifSurZJCUVAXrPEsXy7EfPj1DkcueJymJ5NxISMg2CIskFOXR-S2vB5l9O09H8FcobVNwgRW3R35FChErSvDFPG80exSx9msAh2IGgpJvhSfZJyST_bBwswAq2hVOQB_2pHxhS_PCiNiRJ-SXfu_rt0XNasDM7PIKP1dtzCngNp5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4r5tO87BZNPcAt_ux_APg8OSwAbJntKxXNWdkfdwwI23ARABIABglZKhgrAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAntzrRqpmrI-4AIAqAMByAMCqgSeAk_QqsAuej5YoYxs2Xf90ZBAAXYEBDRihR0WgqDL5Y4l1H8dbrFwNgwbKF5FbIGQHr3mLk5TI0IwyMqElwmT_wnouS5l83__MQreVOR0TXR07uvd-P88t_hIxM-VzoDmQMJbb1vqGXwEsMdZreG9fqIgoPuvrJhu4LPAF0yRJ0nTEgBISnO2PX0q0_46DIYyfViG4F_y2Eo5S1H6kGaYJeyZfjEe5cNlA59Q5B4Mj9s7kfH9dwzi5EGh8gpKLOuqicgxYx_LUohuP1r1N8Ql9_v7JSlIassl1yPJFNYOtsTVoWctP0PvyjvsDfJadGNDIBgx2to1Pd6HpLQ7V9EPorMngab_SX0csB9OeenCAg2FYsOt-LaoeIFZWMUPDHbgBAGABq6yzcCC0-bUtAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02cm2VEga5Fsw_vkGuRbm7ScxwTQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Jul 2023 01:54:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1CF3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnD8h57wfyDPy2WBGopUpbzIJS8P-jxfgVV0DtphRb5TXjrgHq9Zo7EZizzUvPG4Mh1gKfuFGFDeVYQQVMuXmE_fc&sig=Cg0ArKJSzHO8oM8VFDqxEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1775280552&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690422843294&rpt=207&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 01:54:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuZuxWQndmOFgvoir3z__rqDfvNBcFBkvViQT6i4XwK55CGznA1IcsnJ_RQIOmryhS-fcPluYwINaBAOtRLScsDt2WkD1yB5-gLZL5Ut5m0cxFFs6RP0CFdzEebXN2WotlAL_yo4HsVeTvX3wMWNO3rtTydUqLt_kVQVwfSbIeWINgv6rU7pPW4zzq2Lx-fMHHYDR8k2HHZj55SFKSWSCHA575_SLRi96e3IQpE9CunTOGUf5MvbetG0KfvPoSL9UhwvyQjsFtNwL6NpJYBNzcfuqRhQ-Ayq7S9NXfMval0K3-S-i8aDu_qVV15bO6M1pQgzH_3bspF7UuVtVgQo08dBkiWPV6WQNiTX9kuGsy0wTDbxVV2K8eKm1d32DYmivGuyCCSroGwqHzmw&sai=AMfl-YTRL8ogri2nPd6tjoek6BQ5Ss5Nuxku62I45bi7UNR8q0F5GTxD4NrdUOgbtMx2G54uUl_2eBm9W18JG9lpHmVHqTrtGI-gCXzPqHyny7LjoBXK2pUFibfUk7XYDA&sig=Cg0ArKJSzFSQuJL9LBy6EAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| stcih function| _0x3609 function| _0x22ec92 function| _0x2d6c object| regeneratorRuntime boolean| s2ss727 function| s2ss727ff string| rgxngibqxq object| googletag object| app_vars function| a3_0x145b function| a3_0x4fc8 function| a0_0x4928 function| a0_0x22f5 object| webpackChunk function| jQuery function| $ number| uidEvent function| Dropzone function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| gtag object| dataLayer boolean| user_engagement727 object| __ds3dcV__ object| google_tag_manager object| google_tag_data string| utsid-send string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing number| google_unique_id object| fh object| dspbjs object| _app object| recaptcha function| setImmediate function| clearImmediate object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| signal_decrypted string| demandSupplyFS object| google_reactive_ads_global_state object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 object| GoogleGcLKhOms object| google_image_requests

31 Cookies

Domain/Path Name / Value
upfiles.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IitJaUlFWWxHOFNPNnd5b0RNcXlNWnc9PSIsInZhbHVlIjoiL1IwRUdOTU5VRDhvbjlXOHhNTktRcmVjbkN5VTZsQUdlaWw0Y2hHZ0oxMlZtY3BFRkFQRHZDQmFvRG43N0hYZnFlVkJTN0c4R0V4bmFRa1dDZlNKUjBYR2ZUdTdHMld2Z0N4anlOTFdTVkVwbFlTQ0xIN2lDNW5Eem1FdzV2S2kiLCJtYWMiOiJjMTEzMmRkZmY5YzE0NWUwZDZhOGVjMmRkNTg1NjUwYTkyNTY2MTNiMTZjNTdlYmUwN2E4NDE5ZTRhOWY5YTcyIiwidGFnIjoiIn0%3D
upfiles.com/ Name: upfiles_session
Value: eyJpdiI6InozcEdxUDRCSUpQQ1dPdkVhdjRLZHc9PSIsInZhbHVlIjoieG5wK1FyRlpnMW5LMjcxUFpwMFNJQjd3WmQzdFZvMUlVVXhZTTRXTmZuNU9ldVNqT2UrVGFHZExLM2lNVzFEdnVQOC9tdEdISmtEYTdscUQ2cVA0dldQQWVXVFRyd2hvNUFQYXYxSk8wNGh4RnZBcnpvak9GcUtudWltTlB0U2QiLCJtYWMiOiI2ZTM5YTVkMDlmMTY4NDNhOGU5MWVkMTFmNzgwMDI5MWJiM2Q2YjQ2MDIyNzIwNzNmZDA5NjNkNDk2ODQzZmY2IiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: auth
Value: eyJpdiI6IlVPalZ5a2w4L0hKVGY0djkyV2V0VGc9PSIsInZhbHVlIjoieHlESG5GYVFVeUN2WjgybW1oOFAvZz09IiwibWFjIjoiOWE4MWIzYzIwNGYxM2YxZTVjODQwMzg1ZjRmZDFlYzQ2MWNhYWMyNGQ0MjA3ODdkZTQxNDNlZDU4YzJiNTJkYiIsInRhZyI6IiJ9
upfilesurls.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVSWEVzS2l1UFE5QTZIbXljb3hBYVE9PSIsInZhbHVlIjoiS1VXYlNzWU5WZlhadHJaYWZMMkw4ekZXTlp0UVNQcWwzT1g4elc1KzhCRlA1Qm5NYm1mMG1BNFI3Vk5sb0hPQ2ZEWkZ2VzVWQjd2YzYxc2dsc0pLazI3ekNUMjUvbjByZGY1ekxDbjZ1OUpkNzhOWVl2dW9UNHVNVlY2T3hkYlQiLCJtYWMiOiJkNTZiMzBkNTFmMzI3OWY1NWEzNzg2ODk5NjE1YmQwZjFhNTI2YWQ3YTgzZDBlM2FlM2FiNWExMjY2Mzc5NWQ0IiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: upfiles_session
Value: eyJpdiI6ImJjRTA0eWhjVWExSENxYm4rdnJZZHc9PSIsInZhbHVlIjoic0Q5VkNjOFJRWjJFaXlCdmY5ei82NUQzQnRoc1daQ3JEelp0L1RJejhGN3U3OURMQXlVYlpBd2s1dEY4Z3FEbUJ6SmRtUWI3enNhRnRnMWlkQnVvU3lQb3ljcUFnZ2dRN0ZyUlpzNXV4bGFFZEw0WFdoL3JPekVBVkVXRzhBck4iLCJtYWMiOiIzMTZkNGUwY2ZhY2E5MDYwOWVjMGUwZTBmNGQ3NWQ2NDdlOTRkM2Y5ZjczOWE1OTk5NDZiMmMxZDdlMDE3YzhjIiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: ab
Value: 2
cschyogh.com/ Name: GL_UI4
Value: eJw9jdtOhDAYhDmz6oJOwgP4CJzBS%2BNDeEla%2BsviQrspFeLb25jo1XyZfJNxHMfLHuHuUQD%2FizV4FjnnvOuppbrL664cq6qp2pe67%2FuyKdsad%2FM2GMYXMgFO28q0Gcwe4DyRJD2Pw6gEJXiy1l9zleqQAUKumRQJwtUaS4KYa3VspDMfgWQrIXq7aGUzXNmn0vCLorE8S8tuDk9tmZ%2FeI36fpbDD9AyvyNM0cvBwW5j5UHodZhG5CCfNBMF9xWlkhialvxEL2q5G3QC1iOHf%2F%2F31jyJHJGifR3uuzIX0D2ooTXc%3D
cschyogh.com/ Name: GL_GI10
Value: eJwNyE0KwjAQBtDMLOIPdfFBr2FApGC30eIZXI4xlKAmYVoK3t6%2B5TPGcNuAU8X%2BcnJ95zp37kEj%2BDaAQ8bmHvUr%2BQdSsH%2BAdT0vi2gSUMB20I%2FkMWZQwuFaNB69hPez5AjOE3Zr1aIyR1C1BJ6LZfD0ag1osc0fPeAd%2FQ%3D%3D
live.demand.supply/ Name: demandSupplyTi
Value: 5b02c4c8-ecc1-4127-92cc-2326200a1021
.demand.supply/ Name: __cf_bm
Value: MVHkboWcQC32MWyaz_d7Su3Nm6mOTnuaAAcmdamJfv8-1690422842-0-AdlgCzeyC9zJXVZ3d3ALFuc1+MsvVoGxDCDaCFvfYtGTXJ0i96or5DO3GTwpDTMLc9O6nbIiP2ysj6yb0OnVjYA=
.upfilesurls.com/ Name: _gid
Value: GA1.2.1456691753.1690422842
.upfilesurls.com/ Name: _gat_gtag_UA_197252557_1
Value: 1
.upfilesurls.com/ Name: cf_clearance
Value: fsjY2v3aEdr.6GxauZYoX2f57SYBGxl8z5QFiziHoJo-1690422842-0-0.2.1690422842
.upfilesurls.com/ Name: _ga_75C4L64NEB
Value: GS1.1.1690422842.1.0.1690422842.0.0.0
.upfilesurls.com/ Name: _ga
Value: GA1.1.1080496972.1690422842
.criteo.com/ Name: uid
Value: 41e629d1-90c0-4832-a2c0-132365aa5518
.upfilesurls.com/ Name: cto_bundle
Value: LNw-AF80RUsyZUFFaGpxNTBFOGYyaElMUVdETXBZUE1saFlSTDBGTDlyRjQ0Q0plU3VEYmdQbTJ4UE5MQklnVXAxYnVlVGZMMDVjbHdsRjJYbjFZRWFsWFk4ekFlbXpXUTYwd05acThGenp1ek9PaDUza2Z1cGhwT3RwbCUyRnhDd2x5dE9lZUpaSGVRRWNSeUJQckhjM1JOemNZUSUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUnwW_RRRZi4egJoH53IVcU8smIhYghXZkKln324F62BwgnXY6cisImF8kDa9MI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.upfilesurls.com/ Name: __gads
Value: ID=d3b4e9ac0057109a:T=1690422842:RT=1690422842:S=ALNI_MYCLInuTFHEE70mWZ6vBL3mlpQJEg
.upfilesurls.com/ Name: __gpi
Value: UID=00000c47b2e5da6a:T=1690422842:RT=1690422842:S=ALNI_Mb1NMzX1mjvtzQ9CiMiWLd9REqRRQ
.adfarm1.adition.com/ Name: UserID1
Value: 7260310827104401561
.de17a.com/ Name: guid
Value: 1.470417458160723196
.lijit.com/ Name: ljt_reader
Value: HDFSsGZHODDe0YBORDOea5ZW
.yahoo.com/ Name: A3
Value: d=AQABBDvOwWQCECoKQtAjCaSE_iiXCa4zKAsFEgEBAQEfw2TLZAAAAAAA_eMAAA&S=AQAAAjoi-u17HChJ2UxL7aKIWPE
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%2Fq30TQj%2FReje80542oESNI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%2Fq30TQj%2FReje80542oESNI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCC7nIemBjABOgRVNED5QgT9UO2I.E0g1m5r5Z9jvHdRM4fW5EsqwU4mDgE%2BawiTAcIOzYls
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCC7nIemBjABOgRVNED5QgT9UO2I.E0g1m5r5Z9jvHdRM4fW5EsqwU4mDgE%2BawiTAcIOzYls

2 Console Messages

Source Level URL
Text
other warning URL: https://524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://upfilesurls.com/aiY2
Message:
The resource https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

524e4893f067d6ed7020eea56c23a084.safeframe.googlesyndication.com
ads.eu.criteo.com
ap.lijit.com
asacdn.com
bcp.crwdcntrl.net
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cm.g.doubleclick.net
cschyogh.com
csm.eu.criteo.net
d5p.de17a.com
datatechone.com
dsp.adfarm1.adition.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
id5-sync.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
sync.srv.stackadapt.com
tags.crwdcntrl.net
tpc.googlesyndication.com
upfiles.com
upfilesurls.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
youradexchange.com
securepubads.g.doubleclick.net
www.googletagservices.com
108.128.97.117
141.95.33.111
178.250.1.11
178.250.1.6
2001:4860:4802:34::36
213.155.156.166
216.52.2.86
216.58.212.130
23.109.82.155
2600:9000:2250:4e00:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::ac43:475a
2606:4700:3031::6815:480c
2606:4700:3036::ac43:9a75
2606:4700::6810:5714
2606:4700::6810:8516
2606:4700:e2::ac40:8a25
2a00:1450:4001:802::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::2
2a05:d018:d29:3601:832b:4f07:a3c4:1c3d
2a06:98c1:3120::3
34.96.70.87
35.190.39.111
37.48.68.71
51.89.9.252
54.211.72.252
54.65.174.169
65.9.66.68
85.114.159.118
00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a4ff7262551384929c748fd6018d77cda65600c2083b2dcee91d474b2c4f11
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd64ce6b307e873a097aa0c527cf176dbd82873ef73ef8966b7e69f42a3c8bc
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f8205d11d4a19b0372f8dbcca7a12bcd1b94509e0f8112f94cace2849b1dd02
152d9475153f107d5b837f32ceb43e3d954944df916b92751c60a04c458429eb
1a94c427e00f0c40e74fbc0aa0569e89518ee3dea4dc099abb59101ea28e070a
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27d2f316915b85da0eec7184baee597496189ee0676808b7d7212bd7ad358851
28ab9d0791a459825c7eb5be6eda43e091972bef3df5d00d83fa3c7e70571f16
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d34046377ac7f5fda045b87e068949248b725a1e287ef8f3556aa904039d509
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42e27703e946570d7724c7f7575d539d8d9f743918bd185604b3d8164c7da77a
42e947fee829de6db2e8af8a3e4f27b6cda605e621689230fddc0d21671c574f
45017bbf97e2cff13680353440e55e3a5e3a565c53b0ab3423fdd23a8ac309d9
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4c9c788fb8641d3c1591a9a292db46b6b903f8551ddb541cc5fd0255cce467e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517a7604451ad51e25afeb6e8cc8418ed9c469642956b5bd9ae70781f351adb7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
5bd2a1ba778afb72d4196032aac8a73e7670b0a26050016c69cfb3098e9c9298
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c1a6f829c31cd66f3832397d252900819b9782e76dfd7e5a77c197b6363630
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
8dbf63fb40cf84b72bc49f1d08dc296f47fead2ca5eb344c5486040fd1968113
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
8efc201705288f2fe50ba22bf760aa0109c3055bc4d388d64651ea36ee1232ad
8fe1349b6a8ec3aa31b0fc8bf40a2081f2b45fb1d5511d46c4e36fdb25805602
92f55847f9411a15c386e3ffc9175e61d17c2bcf4e96be91ece253cb3ce8340d
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
967b5442df0d412aee27b421dbdbec62424ddce39269adec979a21c1137e34f7
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acc13cf22cb2021f0caff5ffa87bf8e5ebf57f2f3958c276708cbd4d09a0cb10
ad77911d73415a9bda702c9305b878f77ad985c6ccab5a68e24ad78236c22859
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02957f01f9de4cc18f6d32c0e979a7bb1e2d39fcaf4ddddaf785b92e2cadb63
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b394c3e04c0de586bcc6f0743e101cf25620c93eedb2ca2578a4d56e1f39e82c
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b8d47800c94e160acecdd806969261d3223fd925b2b689ff1818db95be700828
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85
bd598e0d8f2a2ff5cc12216b09eb5fe4ec981410caae7f7133f3af2d31740a34
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
d281e86c52d60627844dbc046dd17f6dbb9053ca08b24dcf84d1de3d9fe68848
d32cb07159c055ba4b71dd1388181587a5550f36aa0b9b54ce2827cb54459891
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
d85d82fc6abc7f8eb2f38636611b6a10f04e7e595aaa401ff80e96e8db24e18d
db9175a8c0f7ec17749bf2951287c5e688ebc5b3aa1ef1599abff3b2fd6d71a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de373a79f25cddd09e80171923848465c733cfa77eea0910e002f0e6c1498958
e05fc99c8ba160e9941e197a8928f0362f1e72b3dce58d6b5526eadaad124c0f
e0d1395e2be59ef0e21d1ed69ebe2f4f375be9e3305f6748f859bfe68034f8a8
e1a1c16e3b473562213cd402c192fb6243a28f0af3c7b810c2ed54f394377a3f
e241f5957f795093ddbb6b531d8be8d7b0106cd1502db616eddef25f07ce1382
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
ea62619b86e65ff4c7ca1a71a00ee098fd9d7dcf80a8c11c882501ad04db69bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f36203940a41f538526a4c842bc182e633b81a95ecb47daf5452284b14978850
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615