urlscan.io logo urlscan.io
SecurityTrails logo

www.filestofriends.com Open in urlscan Pro
52.165.156.46  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Submission: On September 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 12 domains to perform 76 HTTP transactions. The main IP is 52.165.156.46, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.filestofriends.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 29th 2020. Valid for: 2 years.
This is the only time www.filestofriends.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 52.165.156.46 8075 (MICROSOFT...)
2 74.125.140.95 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
11 142.250.13.154 15169 (GOOGLE)
1 130.211.5.208 15169 (GOOGLE)
7 108.177.15.155 15169 (GOOGLE)
2 142.250.187.232 15169 (GOOGLE)
1 64.233.184.156 15169 (GOOGLE)
1 142.250.187.194 15169 (GOOGLE)
4 66.102.1.157 15169 (GOOGLE)
3 66.102.1.94 15169 (GOOGLE)
1 74.125.133.95 15169 (GOOGLE)
12 108.177.15.132 15169 (GOOGLE)
2 142.250.178.3 15169 (GOOGLE)
1 2 74.125.133.103 15169 (GOOGLE)
1 74.125.133.148 15169 (GOOGLE)
76 17
26    52.165.156.46 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.filestofriends.com
2    74.125.140.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f95.1e100.net
ajax.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
11    142.250.13.154 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f154.1e100.net
pagead2.googlesyndication.com
1    130.211.5.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.5.211.130.bc.googleusercontent.com
cdn.mxpnl.com
7    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
googleads.g.doubleclick.net
2    142.250.187.232 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f8.1e100.net
ssl.google-analytics.com
1    64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net
partner.googleadservices.com
1    142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net
adservice.google.com
4    66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
3    66.102.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f94.1e100.net
www.gstatic.com
1    74.125.133.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f95.1e100.net
fonts.googleapis.com
12    108.177.15.132 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f132.1e100.net
tpc.googlesyndication.com
2    142.250.178.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f3.1e100.net
fonts.gstatic.com
2    74.125.133.103 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f103.1e100.net
www.google.com
1    74.125.133.148 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f148.1e100.net
s0.2mdn.net
Domain Requested by
26 www.filestofriends.com www.filestofriends.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
11 pagead2.googlesyndication.com www.filestofriends.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com www.filestofriends.com
2 ajax.googleapis.com www.filestofriends.com
1 googleads4.g.doubleclick.net googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.mxpnl.com www.filestofriends.com
1 ajax.aspnetcdn.com www.filestofriends.com
76 17

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
*.filestofriends.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-29 -
2022-08-11		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Frame ID: 251EF903F3574107F1305B2B089D1A4F
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: DC9DD5325B88C7393892FE2E19282648
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Frame ID: 606A736C5E64A63D8D20CA6047065566
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Frame ID: 146FF3CDFACF06A4F7D5B338F700A86E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&adk=4082307559&adf=189583963&lmt=1631562607&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607305&bpp=1&bdt=519&idt=69&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&nras=1&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
Frame ID: 023C787097286321BEF58F3DA28246E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BB51A00DAA8E5DAE3AB6D59337BFFB01
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: 017BAAF7078060904BD070D9A2C8D59A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CFB46549534AF020AFF6F63ABF620B34
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3A6F8178FBFFF1B2D466097F59137A8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C50675A9F666DA0C13690DC6866E6134
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Files - Files to Friends

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mxpnl\.com/libs/mixpanel\-([0-9.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

76
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

1
Countries

1590 kB
Transfer

3305 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request share.aspx
www.filestofriends.com/ 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ad000538304efc4d39623cb6562372897a3833aacc9e29430928aac1bf3ad7a

Request headers

:method
GET
:authority
www.filestofriends.com
:scheme
https
:path
/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp; path=/; HttpOnly; SameSite=Lax
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 13 Sep 2021 19:50:06 GMT
content-length
8634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f95.1e100.net
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 18:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 18:46:58 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/ 		232 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f95.1e100.net
Software
sffe /
Resource Hash
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62563
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 05:15:59 GMT
tag-it.min.js
www.filestofriends.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/js/tag-it.min.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f81e4da1761d358df9dad8291e84afdb5a313ea9c41f55414cca057f0d8749ef

Request headers

:path
/js/tag-it.min.js
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"08177105317d61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2478
mixpanel.js
www.filestofriends.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/js/mixpanel.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d18fc877f040e2261342a33f987e100d758ef377c950f648dc4201345f65932

Request headers

:path
/js/mixpanel.js
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"08177105317d61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1819
normalize.css
www.filestofriends.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/normalize.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f17c2d9989821c53bc18c6e64af800994ed84b90352b972228f8482a8ddfd46

Request headers

:path
/css/normalize.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02715e5317d61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2220
ext.css
www.filestofriends.com/css/ 		3 KB
443 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/ext.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a06ca6c56f2b9c19c9112757dee7ba2fee18273ef66b241dd64b305568bba5a2

Request headers

:path
/css/ext.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02715e5317d61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
402
style.css
www.filestofriends.com/css/icon-fonts/ 		2 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/icon-fonts/style.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f88a407ec36193ed6d2ec7dd8665feaa46d34ff3b31aee6224a18fe5f11bbb94

Request headers

:path
/css/icon-fonts/style.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"db19c7e5317d61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
734
jquery-ui-1.9.2.custom.css
www.filestofriends.com/css/custom-theme/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/custom-theme/jquery-ui-1.9.2.custom.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6ec2050c27f7a56cef5b910860f8f3236eec0a57d5353cae9a84f31996e7e6a2

Request headers

:path
/css/custom-theme/jquery-ui-1.9.2.custom.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02715e5317d61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6218
jquery.tagit.css
www.filestofriends.com/css/ 		2 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/jquery.tagit.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c4a04ebdab27cd10331b10bf53d62a72d6fe43fc3e32a8e51918bbc9da224f74

Request headers

:path
/css/jquery.tagit.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 20:34:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"37995e5317d61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
841
style.css
www.filestofriends.com/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/style.css
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c3c5114e6a2ec5fe12ae82692509d771efcef001f66dd0a0cea26331eee48c2c

Request headers

:path
/css/style.css
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 20:44:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"01e5ccf9d1dd61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4651
WebForms.js
ajax.aspnetcdn.com/ajax/4.6/1/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
20ce63d9edc1c2aee134c440cfba7d0705d1c6c3c20461964b9310da22c2a5f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6884162
x-cache
HIT
content-length
4612
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:05:29 GMT
server
ECAcc (frc/8FC6)
etag
"802d345cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
ScriptResource.axd
www.filestofriends.com/ 		349 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=oE0RJANTYyEmVGfFVdg1ohOgpJj7EnP7-h6E2hUBdFZYCvGzXcraZhzY5p8MJ10tBYYhaLaZrFMAiDFqnt8InGmS8n9OVWUzfi6FLw8HJ_GD574cIgzb8KTombW44fhKEBbX1ue_EBv7Q3UabvJ5-A2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435

Request headers

:path
/ScriptResource.axd?d=oE0RJANTYyEmVGfFVdg1ohOgpJj7EnP7-h6E2hUBdFZYCvGzXcraZhzY5p8MJ10tBYYhaLaZrFMAiDFqnt8InGmS8n9OVWUzfi6FLw8HJ_GD574cIgzb8KTombW44fhKEBbX1ue_EBv7Q3UabvJ5-A2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
61189
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		93 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=WkSn6CfowgzGZVNruhJKcQSIbBvZoN0qfWKLolY83ii486U1PRyK-ey7d2Uy6itzUe7RJjNdbKcvX_GDLX0w0dazm3lsZTvJKGHBFoGpaNDACBqztaYAq8J6sq2zogkppmmzbELBk50Ha-Dl42ImWQ2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab

Request headers

:path
/ScriptResource.axd?d=WkSn6CfowgzGZVNruhJKcQSIbBvZoN0qfWKLolY83ii486U1PRyK-ey7d2Uy6itzUe7RJjNdbKcvX_GDLX0w0dazm3lsZTvJKGHBFoGpaNDACBqztaYAq8J6sq2zogkppmmzbELBk50Ha-Dl42ImWQ2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
15234
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		62 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=tBdrtl8qXX1SOQRud-tgzz50LLfksuZQ0DKtH2ysu-aG5EWMXdC4WWBklMyiUWlOdxMFSq3jY7Iesci48hr0Ro9YQY_j_qX4jyrJ2UdvZLK2Sj92txm4pYi5_UC-wgEI16V18PS3dv2NGqPsR_6BJg2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
078188b52e3ce4ea576eefd77c2614d29691d9cf2f8271dd1fd9247029881f32

Request headers

:path
/ScriptResource.axd?d=tBdrtl8qXX1SOQRud-tgzz50LLfksuZQ0DKtH2ysu-aG5EWMXdC4WWBklMyiUWlOdxMFSq3jY7Iesci48hr0Ro9YQY_j_qX4jyrJ2UdvZLK2Sj92txm4pYi5_UC-wgEI16V18PS3dv2NGqPsR_6BJg2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public
content-length
11055
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=-Rnl1rlNxpsSx9ZE2aB1QPhgLxnPePl8hXkBsYb8kMNF3UwJAl9vcWaASmtuAgzaBa3Knm89He5aZoge7zcWf85LdFdqwhC8TPzH24hMCcGLm7CoKWeNLN8PgtT2bV2Fz6FVW_44cDFfRcL0Z9G0jA2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
846f31d8c42a71574514adf95fe6ac7196c1d378bef7115167949876e145a0d6

Request headers

:path
/ScriptResource.axd?d=-Rnl1rlNxpsSx9ZE2aB1QPhgLxnPePl8hXkBsYb8kMNF3UwJAl9vcWaASmtuAgzaBa3Knm89He5aZoge7zcWf85LdFdqwhC8TPzH24hMCcGLm7CoKWeNLN8PgtT2bV2Fz6FVW_44cDFfRcL0Z9G0jA2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public
content-length
1057
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		128 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=u-ilVaWdEz_G5qGQsPL61bpbqiFXkCCcRygCCqStv1ICJOdM2AZeavrmw1Q4BEV4S05jW3UURM-4Eb6RvYHNpLG-lyz1z9l-Z1rJ9x5Uvf2bmI60J4KngfgecdIMicRhcLHYyLMlfU5Ofpfw078LSQ2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8059b4c0562623527705ab94ea70f96c813dc44d30987082e444d8a89f8ed7d3

Request headers

:path
/ScriptResource.axd?d=u-ilVaWdEz_G5qGQsPL61bpbqiFXkCCcRygCCqStv1ICJOdM2AZeavrmw1Q4BEV4S05jW3UURM-4Eb6RvYHNpLG-lyz1z9l-Z1rJ9x5Uvf2bmI60J4KngfgecdIMicRhcLHYyLMlfU5Ofpfw078LSQ2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public
content-length
18504
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=HBvmdYnOpCX942JnmDJc4JVhubEQEKxpt90P_ZkSfjpnUVN5ZyhPmBOe-2aZ-bPT1g_8-0wvUqfXcERUrY6mTkG3S4aLkGxvDHH-v7zb0PcFwCxRPU_vVxRFPikwzjJPZLo5rtqyOoOdTXLsXBa4Wg2&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5a917fe40968d5ed0496c8602907cd21e5f7c2070e201ff7f145efa2ddbeffa

Request headers

:path
/ScriptResource.axd?d=HBvmdYnOpCX942JnmDJc4JVhubEQEKxpt90P_ZkSfjpnUVN5ZyhPmBOe-2aZ-bPT1g_8-0wvUqfXcERUrY6mTkG3S4aLkGxvDHH-v7zb0PcFwCxRPU_vVxRFPikwzjJPZLo5rtqyOoOdTXLsXBa4Wg2&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public
content-length
6938
expires
Tue, 13 Sep 2022 11:22:59 GMT
ScriptResource.axd
www.filestofriends.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/ScriptResource.axd?d=jjz6iQy7bM-Obt4LdRm52Tqm9-j6G8yVNYHtSSEexZIJzS1TMKdKhX-RRK7i5MZwUQf_EbZNQpncdMExIkIdrPL9NQV1hcc2OCGMK6SeyoyGpKTc0QqmnJkSYJUNhaHyAIbL3s0oQ-h1gtYiBK7LoZXnjhBt4t9U_oe_hMd7xR_-g2XqKWXngowPGEugVrUy0&t=3a1336b1
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c498ac2227992a31af12bb2df5568f6452bf6249f87b31d96df61619235cb13

Request headers

:path
/ScriptResource.axd?d=jjz6iQy7bM-Obt4LdRm52Tqm9-j6G8yVNYHtSSEexZIJzS1TMKdKhX-RRK7i5MZwUQf_EbZNQpncdMExIkIdrPL9NQV1hcc2OCGMK6SeyoyGpKTc0QqmnJkSYJUNhaHyAIbL3s0oQ-h1gtYiBK7LoZXnjhBt4t9U_oe_hMd7xR_-g2XqKWXngowPGEugVrUy0&t=3a1336b1
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 11:22:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public
content-length
2614
expires
Tue, 13 Sep 2022 11:22:59 GMT
background-clouds.png
www.filestofriends.com/images/ 		688 KB
688 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/background-clouds.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c8da7c1cc3091dc6af0f171c8548b55de98f9cd56dbcb3a8185eb8eaff102ae

Request headers

:path
/images/background-clouds.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f88b1af5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
704075
img_trans.gif
www.filestofriends.com/images/ 		49 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/img_trans.gif
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a962a349a505265aeb57099df429a871d1cdc7d3056f317c5c686820ac8e7d6

Request headers

:path
/images/img_trans.gif
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"6bc9f6e5317d61:0"
content-type
image/gif
accept-ranges
bytes
content-length
49
download.png
www.filestofriends.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/download.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af8c03b2f991da0f8cff1dab79a795b1d905e37ffb65eef1231503821ca25ba6

Request headers

:path
/images/download.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"da6513f5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
1311
clock-icon.png
www.filestofriends.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/clock-icon.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b45b93147e6a46a3cfec091d546fb1f5992e954e6860a6449c4f526bf2d4c8d8

Request headers

:path
/images/clock-icon.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"da6513f5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
1308
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
a2e044b0097cf31951281ab0ad064a83a3bd72cedc5220d414b734b70fa444e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48935
x-xss-protection
0
server
cafe
etag
13732004256791720227
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 19:50:07 GMT
facebook.png
www.filestofriends.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/facebook.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afbbbf40889af3e9bcbddc6681342380a58c581a56df97ee43fe20087672e5b8

Request headers

:path
/images/facebook.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2ca1ef5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
1183
twitter.png
www.filestofriends.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/twitter.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ffc71e8826c684dca6d95c7a32a000e7ae5cab37a2312170b5a67967856cd465

Request headers

:path
/images/twitter.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c818e6e5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
1195
mixpanel-2.2.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/js/mixpanel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.5.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:45:32 GMT
content-encoding
gzip
age
274
x-guploader-uploadid
ADPycdsspqerSpnoonnuCIDkiUeubV41jADzF1_2o2yOGaLLaJOprqN4n6I_Q_LTKy0Kb0YihjOSC_m7nhu07nMGeJfP9WmHYw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:22:08 GMT
server
UploadServer
etag
"acae467b20997801e459f56a5122c003"
vary
Accept-Encoding
x-goog-hash
crc32c=unGNyw==, md5=rK5GeyCZeAHkWfVqUSLAAw==
x-goog-generation
1611858128167188
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Sep 2021 19:55:32 GMT
bottom-envelope.png
www.filestofriends.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/bottom-envelope.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc2f031cf1dff4cde65bde93b722e20b81c2b1864e94b61ada2c8e4c9a180baa

Request headers

:path
/images/bottom-envelope.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp; mp_8782806f78efe488ac6ceb0acaaebc64_mixpanel=%7B%22distinct_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24device_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a2a18f5317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
7496
download.png
www.filestofriends.com/images/ext/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filestofriends.com/images/ext/download.png
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/css/ext.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89b98790ae782a14c6cea76a32d70447baa3565f66ab88f0769aa59bca3ca79e

Request headers

:path
/images/ext/download.png
pragma
no-cache
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp; mp_8782806f78efe488ac6ceb0acaaebc64_mixpanel=%7B%22distinct_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24device_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/css/ext.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/css/ext.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"4128fc105317d61:0"
content-type
image/png
accept-ranges
bytes
content-length
4932
lobster_1.4-webfont.woff
www.filestofriends.com/css/font/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/font/lobster_1.4-webfont.woff
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf0a0da755a3e98b4a5ea83065c3840ccf4be138c25f768499756ba575b75cde

Request headers

sec-fetch-mode
cors
origin
https://www.filestofriends.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp; mp_8782806f78efe488ac6ceb0acaaebc64_mixpanel=%7B%22distinct_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24device_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
:path
/css/font/lobster_1.4-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.filestofriends.com/css/style.css
Origin
https://www.filestofriends.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cbf3bfe5317d61:0"
content-type
font/x-woff
accept-ranges
bytes
content-length
33764
proximanova-regular-webfont.woff
www.filestofriends.com/css/font/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.filestofriends.com/css/font/proximanova-regular-webfont.woff
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.165.156.46 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ebda27da1972d2a59b09aeed9f9124fbba73a685904ad5b7bd3433eb0ddea151

Request headers

sec-fetch-mode
cors
origin
https://www.filestofriends.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ASP.NET_SessionId=zlycabwbqianjy2avwwkcznp; mp_8782806f78efe488ac6ceb0acaaebc64_mixpanel=%7B%22distinct_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24device_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
:path
/css/font/proximanova-regular-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.filestofriends.com
referer
https://www.filestofriends.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.filestofriends.com/css/style.css
Origin
https://www.filestofriends.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:06 GMT
last-modified
Mon, 20 Apr 2020 20:34:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9069b6e5317d61:0"
content-type
font/x-woff
accept-ranges
bytes
content-length
24236
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94967
x-xss-protection
0
server
cafe
etag
3426842561966430038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 19:50:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame DC9D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 12 Sep 2021 21:01:23 GMT
expires
Sun, 26 Sep 2021 21:01:23 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
82124
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s34-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
328
date
Mon, 13 Sep 2021 19:44:39 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 13 Sep 2021 21:44:39 GMT
cookie.js
partner.googleadservices.com/gampad/ 		208 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.filestofriends.com&callback=_gfp_s_&client=ca-pub-1545073788124566
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
cafe /
Resource Hash
87434dbbd32def3d57a65367d274c1cb2a196a9022eedee7935018cbfbbff766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.filestofriends.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 19:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 606A 		85 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
88410254487865af38b01c0b0d5c5d86bbe4249d619ac4efadd0cb347a9fdd1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 Sep 2021 19:50:08 GMT
server
cafe
content-length
28929
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 20:05:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 19:50:08 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f157.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Mon, 13 Sep 2021 19:50:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 146F 		44 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
113a13abf32e270e76033902cc08134927edd5e73bd673b034070e18b659fcd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 Sep 2021 19:50:08 GMT
server
cafe
content-length
22574
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 20:05:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 19:50:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 023C 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&adk=4082307559&adf=189583963&lmt=1631562607&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607305&bpp=1&bdt=519&idt=69&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&nras=1&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1545073788124566&output=html&adk=4082307559&adf=189583963&lmt=1631562607&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607305&bpp=1&bdt=519&idt=69&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&nras=1&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Sep 2021 19:50:07 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 20:05:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 19:50:07 GMT
cache-control
private
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=447749033&utmhn=www.filestofriends.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Files%20-%20Files%20to%20Friends&utmhid=1054437909&utmr=-&utmp=%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&utmht=1631562607407&utmac=UA-33654542-1&utmcc=__utma%3D250214161.344176443.1631562607.1631562607.1631562607.1%3B%2B__utmz%3D250214161.1631562607.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1627246019&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: www.filestofriends.com
URL: https://www.filestofriends.com/share.aspx?code=459a8192a5214711b6907a2b2da16a8a&v=6tQ/NbG2R7o=&d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s34-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 19:50:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
e97fc1f500c2ba07d7ae78e11e245b27.js
www.gstatic.com/mysidia/ Frame 606A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e97fc1f500c2ba07d7ae78e11e245b27.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f94.1e100.net
Software
sffe /
Resource Hash
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3150
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 Dec 2021 09:23:34 GMT
657081d252e7e20d644f411c068fca8c.js
www.gstatic.com/mysidia/ Frame 606A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/657081d252e7e20d644f411c068fca8c.js?tag=text/vanilla_cta_animation_title_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f94.1e100.net
Software
sffe /
Resource Hash
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 23:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3417
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 07:30:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 Dec 2021 23:32:58 GMT
css
fonts.googleapis.com/ Frame 606A 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f95.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 19:08:39 GMT
server
ESF
date
Mon, 13 Sep 2021 19:50:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 19:50:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 606A 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 12:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 12:24:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 606A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 06:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 06:34:15 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 606A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 03:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 03:17:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 606A 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f157.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:08 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 19:50:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 606A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 03:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 03:17:08 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 606A 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f94.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 08:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Dec 2021 08:33:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 606A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmV5Yb6s_Ye6kGJT-xwKa65DABa7wv_tihMbK7uMM4Jeoy5EOEAEg39fpHWDJBqABsOietAPIAQGoAwHIA8sEqgSdAk_QSc2kILI82vPuYkN-yno86oJr0LD1BmgbXoNYg6PpPe8MsTkypw8a5-5Fdu8No6n6CJ9Q4S4S7FWHgdIL1WHjwvG00Ww9r813h7fQmeZFyBKrXFB22W_hJiivLYGYhh3BriL6r5tqa9ho7u0-mGT7ENNL0XLsQSZVc_rbwTgsuJB2pFEvJU9GwM9aUlzih_TPCqrgoa3MtVv7kyMzTSDNm72V1cWf8PkXPlCHT-kT4UctffVdb4lINdyPNl_J0IZPXvsWLcUMnjbaZqCfcZhcP3BE_-XCsU1koyRs2DShiH84i2IBFVOk-W5yRX4D61hs7jfqaXIc8opeorbentgf89-tt8ZMU7Zsb0Gmc9j2DlprwJ_YUwALAuZeucAE19LFj6oDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB7iX4UuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcFEMTd7ALSCAcIgGEQARgfgAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTE1NDUwNzM3ODgxMjQ1NjYYAA&sigh=7MvvLMgzpp0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 13 Sep 2021 19:50:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 13 Sep 2021 19:50:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BB51 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmzSDAeKki02BFnqiwbneHzPbRqEXtO3OGHm6kdTGmz2M-VdBQ4f0CTAJFKZqM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 13 Sep 2021 18:58:17 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 606A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bd171af83545404d0d64977c05f7c22fcb2f97f88900122aefc5e52adcfd34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 606A 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:11:53 GMT
x-content-type-options
nosniff
age
95895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:11:53 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 606A 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 08:12:57 GMT
x-content-type-options
nosniff
age
560231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 08:12:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BB51
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmzSDAeKki02BFnqiwbneHzPbRqEXtO3OGHm6kdTGmz2M-VdBQ4f0CTAJFKZqM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Sep 2021 19:50:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 13-Sep-2021 20:50:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 19:50:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Sep 2021 19:50:08 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame 017B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=250&slotname=1719840981&adk=1889655871&adf=1990448763&pi=t.ma~as.1719840981&w=300&lmt=1631562607&psa=0&format=300x250&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607281&bpp=4&bdt=495&idt=65&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=2923425417643&frm=20&pv=2&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=629&ady=778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xg7b5VnqGP&p=https%3A//www.filestofriends.com&dtd=80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
331422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 23:46:26 GMT
opsgenie_160x600_2.jpg
s0.2mdn.net/5406241/ Frame 146F 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5406241/opsgenie_160x600_2.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f148.1e100.net
Software
sffe /
Resource Hash
8dd4c1ac866b6ee9dd328261fbcf4615bfa87cb93cb75c4c05f4245fa5a45448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:35:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Nov 2019 21:14:43 GMT
server
sffe
age
29707
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55675
x-xss-protection
0
expires
Tue, 14 Sep 2021 11:35:01 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 146F 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
8397158285a8d2f46833b98e8a1c150bb0231fffcd22ff22c7fab650afc0b922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 01:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12715
x-xss-protection
0
server
cafe
etag
16890462019002884935
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 01:18:11 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 146F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 03:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 03:17:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 146F 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f157.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:08 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 19:50:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 146F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 03:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 03:17:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 146F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 06:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 06:34:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 146F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuw8-Trpw5fgYrolUhu3Y6b_akiyaTSnowULHEDTlSt6D2Sk1FiegqGI1EwVj7qfhnZLmXI3CLQEPGu5IEcih2dEzTFxyEMPQ7ToFJXboArA0WX1g4cmHUb7-B3Rpe2Nu1w0gZcN9eOAEjwFZimbBaZ9vkIffX836aaGmdkU9JEDIwDRPlzPmrkz51joxBGj-8BynlcD7mBIMIOkh1JzdkOENFckXk34f4dTSbIo1nyanS8eScP0AfZh7-AL8r_3giWV5Xc2XAbx341IpSJR-k2jB2TMOrPYqO3AXz2EmkvDs8Wnb1rC-4uDVxNVZ0_ZuEgsco6r_2p6OCc7Ka73AXxIYdOzYeVhj7XA_drFNxOFzJE1RjcpX6UdNzkc1GvribTs-YwErmCXh_4UeNyUj0xzyZmGBbGgL53rM8y0J3qqWq1QGQuj0K4MXInDsVcK1CkIZ72aW80BJBQBOvLRpV63SL88Xv_52IftBdNoRzHWZLN2USSNIjmZPH5xlmUoTpXtuvjaTtl9NgxCHaWVdj6Gfm7erfbMRcQwoFE6GE4_sF-SlqaS52GpC0d-CQ4wMQYOGfloIy7-xJh-kGaL2YUw8O0wOVJK5CN3a7rnf7Wfq7Ekiv-biwJrMiGRiylBUyGu8cVWiNllQRgAqwqaXxOISr7wMQ-nekkDBRD_HN_8Jvr6RV_fAv3iE0_ch3j5qHDXQpN60mkxbF5xlAhqGbkLHc06Xy3Ej2fDOBx3xp9yXaJj02QUmGHJSMgiK2xb0P1Nh2C7-kDL4Mng5dfl4uxXNNN9AIIeDVRUhIpuqydRPnz-z4aCZZMeooeCeL0akZMFxzXiOM6VPwdOvsXaKt_T3HjffMO-aemQH6_2AtWG1-FtOHZPZn-8WcSlIRQYhswkJ0ffGzZKOyrjnzs32KVtsTaYshVwlwNVurwgyNjXQsBVEqhCOM4GWw6JQ6SsMrqgtbPFxL6m0rKunRsmCVwuoevjfeuvz_xNH4i8nsOF7FCiFCiGjtgfLBoZfc1IQty5V2THJsomRVtVlBgBhEYCHJo9mtFq-pXDnW861f1QUKU3VFbWLuGVibuLGN0bqVUn8ZfNfWya_6phgMvgjkd5l7VVAMYFTxs0us7vqYl7oNir-spmdF4l5LR2qwD&sig=Cg0ArKJSzJ8hT9eOnsHQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 13 Sep 2021 19:50:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 146F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1545073788124566&output=html&h=600&slotname=7766374580&adk=3480586865&adf=1814017424&pi=t.ma~as.7766374580&w=160&lmt=1631562607&psa=0&format=160x600&url=https%3A%2F%2Fwww.filestofriends.com%2Fshare.aspx%3Fcode%3D459a8192a5214711b6907a2b2da16a8a%26v%3D6tQ%2FNbG2R7o%3D%26d%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631562607285&bpp=1&bdt=500&idt=82&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2923425417643&frm=20&pv=1&ga_vid=344176443.1631562607&ga_sid=1631562607&ga_hid=1054437909&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1029&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44750532%2C44748553%2C31062297&oid=3&pvsid=4067847140717651&pem=151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ruCjGXUF1A&p=https%3A//www.filestofriends.com&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 12:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 12:14:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CFB4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 17:58:15 GMT
expires
Fri, 09 Sep 2022 17:58:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
352313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 146F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5b62e86fc55d05405f2d2e24d2789f6c0ae4a9d86d82f000507cad46961002e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
a05224fd11c1ebd4c6a70d7b078979de866f4b28538234b8113d362d8a1b9e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8426
x-xss-protection
0
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame CFB4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
331422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 23:46:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 13 Sep 2021 19:50:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3A6F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f132.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 10 Sep 2021 22:00:06 GMT
expires
Sat, 10 Sep 2022 22:00:06 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
251402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C506 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f103.1e100.net
Software
GSE /
Resource Hash
7c6cc6425ddd5f339b87ce341af580eeb41cc5761da48d8be115e8992db2b8d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DdAlVtGNW1AMkEzFQBfajg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.filestofriends.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 13 Sep 2021 19:50:08 GMT
date
Mon, 13 Sep 2021 19:50:08 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DdAlVtGNW1AMkEzFQBfajg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame 3A6F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
331422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 23:46:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C506 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=4067847140717651&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFB4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu50Lb6s_Ye7dGuSG7gSC9oOoBgAAAAA4AeAEAg&bg=!eXqlej7NAAYT0U73E9E7ACkAdvg8WqVPfns08BhcNs-5Qfvo79aRLO4rNW8i_opkMoWX9rQVsolTaQIAAABeUgAAABpoAQeZArK-Q9XLaTrRsH9ENkqxfNE_TPohF1TZmMoNJkEpzfGhYA6lWBDz1ohRXReWN9ftotZv4tkvTS9jnz4gD-UdHIm9o29cr7srumRk206nzgDRm1RDQeMhv5ufqdLPXP7iC9Kevv-Lqjo3Q6lZ5eOvRerjbMuCP5ppXWF4L5237s3lJ-PWDWPWuiuuHbRFn2Uj4lmi8Wr5wjAgVDdkbLSX4FYNHl0rmyHSsz77qvxBz488zqTA-gp9UTMvsHhzmRwTZPvcdV1gb96AL1ZDu28BoeHmxMzD_79Br77H2_EGMIZrjyj9JoC4egWQigF3glH-_q7RWNw_j-G6vsSogy_PwfilP9MbsrHugAFZYluEaV5K6K56438vCThPFHEoLu45FZHv1UCOHs6f_Lvea1jRIpL4IHrv8uDvmfBVvd_f7KVSVva3jSdPr5_VfHEHCLABCRlJFtKUan_aU5VCsKP3bOTlvGAZoD9gCB-MGw2e5J1HShbKhk8GR-ayxCRZaxSW7uKtAJckzuy0U0WQirvH2WXxozrCgDllbeEmoT1kMX1rvTJMr-lagomNpcdYNZQsHUfyp7ikrYyOM_igOYMYxBAsMA9_CWTTyPVvD6RmwyX45WVK-o2ZsVdfbCu8hQ5J9X1j73c-cRnZm6Ek3rYqGhezlbUaj0nQmQuxAb8u4VaFoZEpzAG4PyER4TjNNiB4ZLcZ7zpBHCXDHOE1a1vk89tAwGwqyK0cbSWO-7gkVbKKBRLvxHi-frx_x726QRA7bZVqS45W7I3yKnJl3Sh9r1VeS-a1qvq8U5rOYGhjrym1MNECUBCpEhrmUDFmHdHeCn5vkrT8HcbvWSV8l-48v3KpL0lP44EHDlpuNRpApi3nfnbDPozLzB7oiB_yCBFJfGwhVGAhOqnpNVMhinWzmeDhSkM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 19:50:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=4067847140717651&bg=!kZKlktbNAAYT0U73E9E7ACkAdvg8Wvm1jWifg1pw9XcojBFcriLg9OktPTHQfEUWmtFM7Od5uC8hfwIAAABnUgAAAAxoAQeZAom4rctJLDm_QZKzJ7p_nzHTRY7cVZXYOsCJ6fhfrkh01EKYbcTgUZJ2AXI2h6BsF6SdgJ2wHqlyMZp88yDLcNCGT-mbhlynu-YuXM0Iu8dCAcbT7HLj_7rX_L8tg774qdHLkHlXFBoofCn92Kdjj9MhgxB0_zcOYUKmtBsWLRq_Azh8JAZ_d_EMPqTAJDYpGbN-0yCTNBMYrtW1rBtHtWOazCZ8K2YukalyVAi0tRKpTr7X9Hc8vR-erxAYRMxqzx52EWesAuEYXiTEegvKC6wok73LLz-kxhJbLGyJZ3eZXQGkcFl35Su1nTZ-zLcIR051XknLHHpBGhfDsTNO_pKoXAZyMXoCtjgoHcVi8j8ih1S2Ea9Th-8O9lomLioYwSJ3sLuLwMR3_F-2Z2BJqiwapNeAhv62HyWjOShxeASf5sxQMKCkdCsVdSbdofnVtldwxipHSi-aZJPoGgqBoQwHB8GVrXKCRKcqqY6uBFwgH7mc3mayGo_fdYSYOkfGoP54TA2V2U5flztSoHxSJy-CYDsALWaCI5hJQ8lZ_mqSIxBOHDa2TerUtmqr9VZEqFrboKoLgGSDtUJFqIElIZiJgwPsPLk7zLSCRPWmhM_kkmR8n29E7irQbKn1NREwCZZqXBImvdp_czGrTilelXyXht7tVhm03cLxZ57DxURX-MUYxTIxvgu1_uQzReJALRXM9ALf6OlMFh_fFllYFYvCAAEP-8W3U4grXQ2og9DfieAl9ey8LZVTmkGgYr6WZAsRJUHtN_bqgtxwDHAr5igfDmOlLgU3DjyhScmXvMwQIOM9BGKrs-R_O-PUh7ivjNN-5Ycs2HBdkZMW9pN1voLHPvVYabpBsNmE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.filestofriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 19:50:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 606A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaxKgRW7Df_OjVxKvh__35w5ocT84mdGFOSWRo2ua9hD4FiLoG3dPWrwxZy6APuUSMXld6KwA-NBa4P4FKsc43y3Bxru-JsNogQaa5FoKHoiH2Pno3mK5hP3I&sai=AMfl-YTkIbvrgbgLYlks0AE5a4gIrrTp3dUSRp6UdvIHOBgT0zlOpy0jGP2W86rvSnPhr1Mljz-1DjxHs_nl&sig=Cg0ArKJSzMH33721w25uEAE&id=lidar2&mcvt=1000&p=782,629,1032,929&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1889655871&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631562607362&rpt=1006&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 19:50:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 146F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6eDIv-FVC7FWU_NBBVwZ25t8ZEJ3u7-b4codB-GA7kQLtjF56beub_eHI_u_-1xN4C-GmVyWFLgHkcaTYlzs53RFFfwyDPQXEDRhxq5UZxRISi0cTFp-1lh8KxwfQvhFhDYzth_Q6CjaOoNjvqdygerT5jbLYHLJy41mkFL5jQPMxtTk&sai=AMfl-YTbCFFnaxvI-UEix_UDzF_CK1RT0DZR-8EK1yCLABqgoVaPYMeD9U6Veb2xY53ZfwWUp9T7dvHQh4Xw&sig=Cg0ArKJSzFjK1AvisSKsEAE&id=lidar2&mcvt=1000&p=191,1029,791,1189&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3480586865&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631562607372&rpt=1126&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 19:50:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| DP_jQuery_1631562606905 function| LocalStorageAvailable object| gvStorage function| mpHomepage function| mpEngaged function| mpFileAdded function| mpAddEmail function| mpMessageAdded function| mpTransferStarted function| mpTransferFinish function| mpNewTransferVisit function| mpPastTransferVisit function| mpAllContactsVisit function| mpSignupVisit function| mpPurchaseVisit object| mixpanel function| downloadFile function| downloadZipFile object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| $common object| CommonToolkitScripts object| $AA object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gaq string| lastPostBackId object| pageReqMan function| checkSubmitButton string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _gat function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
www.filestofriends.com/ Name: ASP.NET_SessionId
Value: zlycabwbqianjy2avwwkcznp
.filestofriends.com/ Name: mp_8782806f78efe488ac6ceb0acaaebc64_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24device_id%22%3A%20%2217be0b5a99fbe0-0b9ad6acf5e13e-c343365-1d4c00-17be0b5a9a0a7f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.filestofriends.com/ Name: __utmc
Value: 250214161
.filestofriends.com/ Name: __utmz
Value: 250214161.1631562607.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.filestofriends.com/ Name: __utmt
Value: 1
.filestofriends.com/ Name: __utma
Value: 250214161.344176443.1631562607.1631562607.1631562607.1
.filestofriends.com/ Name: __utmb
Value: 250214161.1.10.1631562607
.filestofriends.com/ Name: __gads
Value: ID=95cd1627e76ab473-223097f824cb00dc:T=1631562607:RT=1631562607:S=ALNI_Mb57yEYVQKyrLlsXG6-gJODTrifuQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmzSDAeKki02BFnqiwbneHzPbRqEXtO3OGHm6kdTGmz2M-VdBQ4f0CTAJFKZqM
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.aspnetcdn.com
ajax.googleapis.com
cdn.mxpnl.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
ssl.google-analytics.com
tpc.googlesyndication.com
www.filestofriends.com
www.google.com
www.googletagservices.com
www.gstatic.com
108.177.15.132
108.177.15.155
130.211.5.208
142.250.13.154
142.250.178.3
142.250.187.194
142.250.187.232
152.199.19.160
52.165.156.46
64.233.184.156
66.102.1.157
66.102.1.94
74.125.133.103
74.125.133.148
74.125.133.95
74.125.140.95
06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab
078188b52e3ce4ea576eefd77c2614d29691d9cf2f8271dd1fd9247029881f32
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0c498ac2227992a31af12bb2df5568f6452bf6249f87b31d96df61619235cb13
0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435
0f17c2d9989821c53bc18c6e64af800994ed84b90352b972228f8482a8ddfd46
113a13abf32e270e76033902cc08134927edd5e73bd673b034070e18b659fcd9
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
1c8da7c1cc3091dc6af0f171c8548b55de98f9cd56dbcb3a8185eb8eaff102ae
20ce63d9edc1c2aee134c440cfba7d0705d1c6c3c20461964b9310da22c2a5f2
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
4a962a349a505265aeb57099df429a871d1cdc7d3056f317c5c686820ac8e7d6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6ec2050c27f7a56cef5b910860f8f3236eec0a57d5353cae9a84f31996e7e6a2
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
7c6cc6425ddd5f339b87ce341af580eeb41cc5761da48d8be115e8992db2b8d3
8059b4c0562623527705ab94ea70f96c813dc44d30987082e444d8a89f8ed7d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8397158285a8d2f46833b98e8a1c150bb0231fffcd22ff22c7fab650afc0b922
846f31d8c42a71574514adf95fe6ac7196c1d378bef7115167949876e145a0d6
87434dbbd32def3d57a65367d274c1cb2a196a9022eedee7935018cbfbbff766
88410254487865af38b01c0b0d5c5d86bbe4249d619ac4efadd0cb347a9fdd1d
89b98790ae782a14c6cea76a32d70447baa3565f66ab88f0769aa59bca3ca79e
8ad000538304efc4d39623cb6562372897a3833aacc9e29430928aac1bf3ad7a
8dd4c1ac866b6ee9dd328261fbcf4615bfa87cb93cb75c4c05f4245fa5a45448
9d18fc877f040e2261342a33f987e100d758ef377c950f648dc4201345f65932
a05224fd11c1ebd4c6a70d7b078979de866f4b28538234b8113d362d8a1b9e0a
a06ca6c56f2b9c19c9112757dee7ba2fee18273ef66b241dd64b305568bba5a2
a2e044b0097cf31951281ab0ad064a83a3bd72cedc5220d414b734b70fa444e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a917fe40968d5ed0496c8602907cd21e5f7c2070e201ff7f145efa2ddbeffa
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
af8c03b2f991da0f8cff1dab79a795b1d905e37ffb65eef1231503821ca25ba6
afbbbf40889af3e9bcbddc6681342380a58c581a56df97ee43fe20087672e5b8
b3bd171af83545404d0d64977c05f7c22fcb2f97f88900122aefc5e52adcfd34
b45b93147e6a46a3cfec091d546fb1f5992e954e6860a6449c4f526bf2d4c8d8
b5b62e86fc55d05405f2d2e24d2789f6c0ae4a9d86d82f000507cad46961002e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf0a0da755a3e98b4a5ea83065c3840ccf4be138c25f768499756ba575b75cde
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c3c5114e6a2ec5fe12ae82692509d771efcef001f66dd0a0cea26331eee48c2c
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
c4a04ebdab27cd10331b10bf53d62a72d6fe43fc3e32a8e51918bbc9da224f74
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e
ebda27da1972d2a59b09aeed9f9124fbba73a685904ad5b7bd3433eb0ddea151
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f81e4da1761d358df9dad8291e84afdb5a313ea9c41f55414cca057f0d8749ef
f88a407ec36193ed6d2ec7dd8665feaa46d34ff3b31aee6224a18fe5f11bbb94
fc2f031cf1dff4cde65bde93b722e20b81c2b1864e94b61ada2c8e4c9a180baa
ffc71e8826c684dca6d95c7a32a000e7ae5cab37a2312170b5a67967856cd465