urlscan.io logo urlscan.io
SecurityTrails logo

filecr.com Open in urlscan Pro
2606:4700:3032::ac43:8ae6  Public Scan

Go To Rescan Add Verdict Report
URL: https://filecr.com/en/?id=94410900864
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 9 countries across 72 domains to perform 328 HTTP transactions. The main IP is 2606:4700:3032::ac43:8ae6, located in United States and belongs to CLOUDFLARENET, US. The main domain is filecr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time filecr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 2.18.235.93 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
21 192.0.77.2 2635 (AUTOMATTIC)
3 94.31.29.32 6461 (ZAYO-6461)
1 2606:4700:303... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.158.18.139 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
10 52.30.136.0 16509 (AMAZON-02)
5 2602:803:c004... 26667 (RUBICONPR...)
3 3.214.91.80 14618 (AMAZON-AES)
3 7 185.33.221.91 29990 (ASN-APPNEX)
1 185.255.84.151 200271 (IGUANE-)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 52.28.203.152 16509 (AMAZON-02)
4 51.75.86.98 16276 (OVH)
40 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
6 25 142.250.185.130 15169 (GOOGLE)
3 9 2.18.234.21 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
3 4 35.244.159.8 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 4 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 35.186.253.211 15169 (GOOGLE)
3 3 63.251.14.3 14744 (INTERNAP-...)
3 185.86.137.107 201081 (SMARTADSE...)
6 7 18.156.0.31 16509 (AMAZON-02)
2 2 54.93.151.69 16509 (AMAZON-02)
1 6 69.173.144.138 26667 (RUBICONPR...)
3 3 13.248.245.213 16509 (AMAZON-02)
2 2 18.159.140.98 16509 (AMAZON-02)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 2620:1ec:bdf::44 8068 (MICROSOFT...)
1 151.101.65.108 54113 (FASTLY)
4 23.79.143.124 16625 (AKAMAI-AS)
2 104.16.201.58 13335 (CLOUDFLAR...)
8 10 35.71.131.137 16509 (AMAZON-02)
16 34.254.122.11 16509 (AMAZON-02)
2 208.100.17.172 32748 (STEADFAST)
5 6 213.19.147.44 3356 (LEVEL3)
1 50.19.13.13 14618 (AMAZON-AES)
2 2 193.0.160.129 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 147.75.61.140 54825 (PACKET)
4 4 82.145.213.8 39832 (NO-OPERA)
1 1 192.96.200.41 30633 (LEASEWEB-...)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
3 3 185.29.134.244 30419 (MEDIAMATH...)
4 4 151.101.2.49 54113 (FASTLY)
1 2 54.36.109.48 16276 (OVH)
2 185.86.139.115 201081 (SMARTADSE...)
1 2600:9000:205... 16509 (AMAZON-02)
1 2 209.54.180.144 16509 (AMAZON-02)
1 2 52.215.102.174 16509 (AMAZON-02)
1 1 52.4.244.165 14618 (AMAZON-AES)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 37.252.173.27 29990 (ASN-APPNEX)
3 3 18.196.162.123 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 52.44.220.233 14618 (AMAZON-AES)
2 2 70.42.32.127 22075 (AS-OUTBRAIN)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 54.77.243.210 16509 (AMAZON-02)
1 2.18.233.180 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 104.16.63.54 13335 (CLOUDFLAR...)
1 198.47.127.19 62713 (AS-PUBMATIC)
328 68
21    2606:4700:3032::ac43:8ae6 (United States)

ASN13335 (CLOUDFLARENET, US)
filecr.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
27    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i1.wp.com
i0.wp.com
i2.wp.com
i3.wp.com
3    94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2606:4700:3035::6815:5fcf (United States)

ASN13335 (CLOUDFLARENET, US)
webcrx.io
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    35.158.18.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-18-139.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
10    52.30.136.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
5    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
7    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
10    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
40    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
25    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    63.251.14.3 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
ce.lijit.com
3    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    54.93.151.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-151-69.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.159.140.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
16    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
6    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    50.19.13.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-13-13.compute-1.amazonaws.com
jadserve.postrelease.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com
id5-sync.com
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:2057:4c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    52.4.244.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-244-165.compute-1.amazonaws.com
sync.extend.tv
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    18.196.162.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-162-123.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    52.44.220.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-220-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    54.77.243.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.48 (Toshima, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    104.16.63.54 (None, )

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
851 KB
53 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
312 KB
22 yahoo.com
c2shb.ssp.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
6 KB
21 wp.com
i1.wp.com
i0.wp.com
i2.wp.com
i3.wp.com
124 KB
21 filecr.com
filecr.com
222 KB
19 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
30 KB
16 gumgum.com
g2.gumgum.com
rtb.gumgum.com
5 KB
15 ampproject.org
cdn.ampproject.org
306 KB
13 google.com
adservice.google.com
www.google.com
2 KB
11 servenobid.com
ads.servenobid.com
public.servenobid.com
7 KB
10 adsrvr.org
match.adsrvr.org
4 KB
9 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
24 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
67 KB
6 googletagservices.com
www.googletagservices.com
209 KB
5 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
5 openx.net
us-u.openx.net
rtb.openx.net
1 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 opera.com
t.adx.opera.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 onetag-sys.com
onetag-sys.com
2 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
6 KB
4 sharethrough.com
btlr.sharethrough.com
match.sharethrough.com
5 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 3lift.com
eb2.3lift.com
1 KB
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
974 B
3 4dex.io
script.4dex.io
mp.4dex.io
24 KB
3 google.de
adservice.google.de
754 B
3 buysellads.net
cdn4.buysellads.net
204 KB
3 media.net
contextual.media.net
cs.media.net
138 KB
2 glotgrx.com
pre.glotgrx.com
415 B
2 creativecdn.com
creativecdn.com
695 B
2 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
5 KB
2 360yield.com
ad.360yield.com
617 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 id5-sync.com
id5-sync.com
2 KB
2 rfihub.com
p.rfihub.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
868 B
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 yabidos.com
pixel.yabidos.com
25 KB
2 criteo.net
static.criteo.net
53 KB
2 advertising.com
pixel.advertising.com
935 B
2 2mdn.net
s0.2mdn.net
119 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 cloudflare.com
cdnjs.cloudflare.com
33 KB
1 socdm.com
tg.socdm.com
690 B
1 emxdgt.com
cs.emxdgt.com
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 contextweb.com
bh.contextweb.com
383 B
1 bluekai.com
stags.bluekai.com
1 KB
1 stackadapt.com
sync.srv.stackadapt.com
614 B
1 quantserve.com
pixel.quantserve.com
514 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 extend.tv
sync.extend.tv
546 B
1 smaato.net
s.ad.smaato.net
240 B
1 rlcdn.com
id.rlcdn.com
1 aralego.com
sync.aralego.com
345 B
1 a-mo.net
prebid.a-mo.net
311 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 omnitagjs.com
hb-api.omnitagjs.com
704 B
1 googleadservices.com
partner.googleadservices.com
510 B
1 webcrx.io
webcrx.io
2 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
0 temp.com Failed
temp.com Failed
328 72
Domain Requested by
40 tpc.googlesyndication.com googleads.g.doubleclick.net
filecr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
cdn.ampproject.org
27 pagead2.googlesyndication.com filecr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
www.googletagservices.com
25 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
g2.gumgum.com
21 filecr.com filecr.com
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
filecr.com
15 rtb.gumgum.com g2.gumgum.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
10 match.adsrvr.org 8 redirects ssum-sec.casalemedia.com
10 www.google.com 5 redirects tpc.googlesyndication.com
filecr.com
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
10 c2shb.ssp.yahoo.com cdn4.buysellads.net
10 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
8 i1.wp.com filecr.com
7 ups.analytics.yahoo.com 6 redirects ssum-sec.casalemedia.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 ib.adnxs.com 3 redirects cdn4.buysellads.net
googleads.g.doubleclick.net
acdn.adnxs.com
6 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
filecr.com
6 www.googletagservices.com cdn4.buysellads.net
googleads.g.doubleclick.net
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 i3.wp.com filecr.com
5 i0.wp.com filecr.com
4 sync-tm.everesttech.net 4 redirects
4 t.adx.opera.com 4 redirects
4 sync.1rx.io 4 redirects
4 eus.rubiconproject.com cdn4.buysellads.net
eus.rubiconproject.com
g2.gumgum.com
4 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
3 x.bidswitch.net 3 redirects
3 sync.mathtag.com 3 redirects
3 token.rubiconproject.com 3 redirects
3 eb2.3lift.com 3 redirects
3 ssbsync.smartadserver.com fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
public.servenobid.com
g2.gumgum.com
3 fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 cdn4.buysellads.net filecr.com
3 i2.wp.com filecr.com
2 pre.glotgrx.com mantodea.mantisadnetwork.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 rtb-csync.smartadserver.com ssbsync.smartadserver.com
2 id5-sync.com 1 redirects ssbsync.smartadserver.com
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects g2.gumgum.com
2 ssum-sec.casalemedia.com public.servenobid.com
ssum-sec.casalemedia.com
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 pixel.advertising.com 2 redirects
2 match.sharethrough.com 2 redirects
2 cs.media.net 2 redirects
2 ap.lijit.com 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 mantodea.mantisadnetwork.com cdn4.buysellads.net
2 btlr.sharethrough.com cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com filecr.com
cdnjs.cloudflare.com
1 image6.pubmatic.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 ssc-cms.33across.com g2.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ads.pubmatic.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 secure.adnxs.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 sync.extend.tv 1 redirects
1 s.ad.smaato.net ssbsync.smartadserver.com
1 id.rlcdn.com
1 sync.aralego.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 jadserve.postrelease.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 acdn.adnxs.com cdn4.buysellads.net
1 public.servenobid.com cdn4.buysellads.net
1 mug.criteo.com
1 rtb.openx.net 1 redirects
1 ads.yahoo.com googleads.g.doubleclick.net
1 mp.4dex.io cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 webcrx.io filecr.com
1 www.googletagmanager.com filecr.com
1 contextual.media.net filecr.com
0 temp.com Failed g2.gumgum.com
328 105

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-25 -
2021-12-15		 2 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-02		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.glotgrx.com
Go Daddy Secure Certificate Authority - G2		 2020-12-14 -
2022-01-12		 a year crt.sh

This page contains 49 frames:

Primary Page: https://filecr.com/en/?id=94410900864
Frame ID: 32133202C4A72277509D2AF47EF1B698
Requests: 100 HTTP requests in this frame

Frame: https://webcrx.io/extension/comm
Frame ID: 4834EE1135665380BAE88F45F369FCDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 56BF4D27D337C2C7D123A770E6DF9C89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1636794187&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187670&bpp=3&bdt=461&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5669502766711&frm=20&pv=2&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Frame ID: 1C3B84F42F324D2E260A2D401A18AD1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Frame ID: EB27C1AB2A5A2568B80F6DF672AD1A2A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Frame ID: A3503AD4972BA3BE63664CC3FB8B344D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 365D7E99AF8B711A8699E3CFFD7BF909
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A4F0C92ED792C16B76137A919FB779A0
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 96FEAD696838494B725AAF3A28A66B6B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EC01C074EFB6043284D6E636C297E8FB
Requests: 2 HTTP requests in this frame

Frame: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A80A540A215DC948B3607BFAC20F92F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 9FF22DD78F167456605187B427C632B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 6688D06328FEC04C495BAB66DB621796
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: AAE8F4C1CF3ABCF7135414EAB95FB51D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0C246DA188063AFE4DE7D03BE64B2B6F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B69CE153E4F8E091D57FF3D9C3BCAE44
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: B9C5092DF370F178BFB8173EDA150C93
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: C97920C9603895E63680DB3581A3D5AE
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 5338BEB475D058A90B0780878471386D
Requests: 16 HTTP requests in this frame

Frame: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A12196A844E49B572DB319D42BA04180
Requests: 14 HTTP requests in this frame

Frame: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 775EC17175F3E2C61ACC1E051DB0EB5C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Frame ID: 5BD5566716D6ECF2A90311FD31B63277
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWz-Dy39TOt83E9mtb3DrKrfErbIaT-ZDvlLyLmw1q8_TdgqGg49ZP25WWA89bbPiTEm2WSyqYplAwd60OWTMBDSsW5vitWoQOAcAOXmGMy4VCP1-w
Frame ID: 2A1AE962A6BE8F85604D5DE67106BE48
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4416D45F82B5B792474BA72885BFE852
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8EB16D5DA7562F07823DD1F341A8AFC5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 384808B260310AE9CEC0EDFF8445298A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7F6E633C26A6CF2AFC1A59321FC6967
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Frame ID: 722A668C4D779CCC522131F7D1FA7375
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1636794188316
Frame ID: 1DB81E0108CF6350EED56D20D4A660D5
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Frame ID: CF196E54A90389FBCF293AFF948B644C
Requests: 6 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 412F9CCF414E7474EB7E5AEF7D8CAD66
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B88C78B9953C324C3A2A43AE023B3ADA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 25A9E469FD8EA4192F29E5EF15660524
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 878519249B97B38AFC54122F0C2A89A6
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 28D56F3947BF9AAC17C10A3395D2F603
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 6F53EEB5160918AC73CA02FF9CBB9DBC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 1FA1A4632E80BBEC405234E2417DAE49
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: BA9C7BE5381859E32C50C9F44F2657D2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 742C2D78FB99F86719B687527B9D1806
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=b31c5af8-31f4-4ee1-9634-cd3440c83aae&t=1639386191
Frame ID: 19FF6D8D282255E121E55ACA5FF6419F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C87503B775768A60A7F9EBC5965F32F7
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=441d618f-7f4f-4f00-82c3-bdfd40527d67&gdpr=0&gdpr_consent=
Frame ID: A93752CCC4928B23B5ABDE3CCFC36972
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YY9-TwAEM0L3_gAz&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
Frame ID: 767B0D201BC0A18576654DA6A0B8B2E4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Mzc5MWQwMi0xMGY4LTQzOWYtODcyNi00MzQyN2Y4NTBiM2I=&gdpr=0&gdpr_consent=
Frame ID: EC7B3DC2A08213263435410C6262978E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 95571548AD90D44CC1FEF86DF5E27929
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 664511B41F8DDE5873961A15CF3B9C89
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YY9-UMCo8XoAADpgcewAAAAA
Frame ID: 00A332534B0B2A93FD5404CA8A332CDA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=5131077719707519648
Frame ID: 5174C29CE811DA07A59A181524576ED5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4ljPKN0glWIsAQQHG5nH&pi=gumgum&tc=1
Frame ID: 2525F39E68B1E9D41B8A317871F588BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FileCR - THE BIGGEST SOFTWARE STORE

Page Statistics

328
Requests

82 %
HTTPS

30 %
IPv6

72
Domains

105
Subdomains

68
IPs

9
Countries

2841 kB
Transfer

7155 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 125
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 186
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 194
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 198
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1&C=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY9-Td0ZzwXIXUFZtwa-eAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAH6JjFXBSLVvIxbdSRLsBQ&google_cver=1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzM4NjQyOTU2NjkxNDQ3OQ%3D%3D
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1hfMQDBZt9jnveILxGiiw&google_cver=1
Request Chain 212
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmYwYTFhNzItM2EyMi0yZWI0LWQ0NWUtNDVjYTk4ZDU4OTIw
Request Chain 227
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2BB6rFHOjufASaBWcXrDY&google_cver=1&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoOiMi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoOiMi0&google_hm=NDI0NjY4NTQyMzMxNDMzNDk0Mw%3D%3D
Request Chain 228
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAB-Z-zyUN7nUNySKuprgEw&google_cver=1&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM&google_hm=TDNDhFrTyT4nylPEgS59-g==
Request Chain 229
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOn_PdAeATt2si5gf30R0fk&google_cver=1&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOn_PdAeATt2si5gf30R0fk&google_cver=1&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4&google_hm=477fe2f416b75f6b8bfc3abf
Request Chain 230
  • https://cs.media.net/cksync?type=g&google_gid=CAESENJYeFXUH8obugh9fThWu7c&google_cver=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENIE5AfnB-61dWAKdPRHX_qHpMwCAuzSsFxqThR60xsfH34QRf_l861c1aWLZ0y3UvuswWc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENIE5AfnB-61dWAKdPRHX_qHpMwCAuzSsFxqThR60xsfH34QRf_l861c1aWLZ0y3UvuswWc&gdpr=&gdpr_consent=
Request Chain 232
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqrn0NHHyDll6BZsQ0RHEcLc3Aeme HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqrn0NHHyDll6BZsQ0RHEcLc3Aeme&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqrn0NHHyDll6BZsQ0RHEcLc3Aeme
Request Chain 233
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJDYChiT5w7nCZ7iQWYz-nU&google_cver=1&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJbb9CzRCq8eiq899LE2s_lMNU55xuhTY8VXlo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2M3NWUwZjUtY2M0YS00MmNhLTljMTktZjgwOGZlYWQ3MzRi&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJbb9CzRCq8eiq899LE2s_lMNU55xuhTY8VXlo
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFtw-OJaNy5qTiNQYgY6k3o&google_cver=1&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0jMdzSF8R__6lmFWQ0eaLkPP8o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0jMdzSF8R__6lmFWQ0eaLkPP8o
Request Chain 237
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJqBlz06v8ObVmtixwJOFwE&google_cver=1&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3
Request Chain 238
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIfqMNWMVOIK9vlWJ5UuLyc&google_cver=1&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs&google_gid=CAESEIfqMNWMVOIK9vlWJ5UuLyc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU2NTA0NDE5Nzc0Nzk1NjYwOQ%3D%3D&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs
Request Chain 239
  • https://cs.media.net/cksync?type=g&google_gid=CAESENJYeFXUH8obugh9fThWu7c&google_cver=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PVA_sTm27Rmk_0G3y5VPDHHkOk9kRnCG0uuI5oXFtzznhH6yt017AXV15s1oBRSNAqNHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PVA_sTm27Rmk_0G3y5VPDHHkOk9kRnCG0uuI5oXFtzznhH6yt017AXV15s1oBRSNAqNHQ&gdpr=&gdpr_consent=
Request Chain 240
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB&apid=UP8631005a-4460-11ec-8392-02a00eb282d4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NjMxMDA1YS00NDYwLTExZWMtODM5Mi0wMmEwMGViMjgyZDQ%3D&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB
Request Chain 241
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljjWpRTE6XQoKJmiHcZ4SFYNxjDJx HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljjWpRTE6XQoKJmiHcZ4SFYNxjDJx&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljjWpRTE6XQoKJmiHcZ4SFYNxjDJx
Request Chain 242
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJDYChiT5w7nCZ7iQWYz-nU&google_cver=1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xAJjFAQLmDes-L2Lwr-PyQ2XxjTNBVhGLFZGTy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NDg2NTc2OGQtODI1ZS00MjE1LTkxZWYtNjc5M2Y0NjA0ZmY1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xAJjFAQLmDes-L2Lwr-PyQ2XxjTNBVhGLFZGTy
Request Chain 253
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=uQqMx3xSR3JnWjlrb2tKemF2QXhPcEd2WldLK3lXSkIreHpydHdScWlBbWJ5dTY0UG9yTkhjSmMwY0ZmQzdOYUN5dS9zOHFGWi92bFpFdG5tWTFTU2d6VWlvTEpOTUZWaGk0cWhmSUF4bG5DSTR6SU00TDlNZUFLZEszcHpCampUS0R6bHU4TzZ4SnYzT0FzNitkZW9UakRYTWV2a0wrK2VaR0Z0RGdWTUdrTHRPN3ZPVDNibCtLT2RlUkJsMmlFbU9CWkRNM1EvZ3VidjBvaFZVUU9DdFc0MVZuV2o0bFE3cU5oZHE2Q3QxTEpWeURuSkpBUnMyVERZSmZqeGhOR2Y4L1FyUktxeHMyaFE0Q2R5SXVHWjRaZFJaUT09fA&cppv=2
Request Chain 263
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=b31c5af8-31f4-4ee1-9634-cd3440c83aae
Request Chain 269
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5663386429566914479
Request Chain 270
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=477fe2f416b75f6b8bfc3abf
Request Chain 271
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2734587355 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2734587355 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/9345ccf1-f80e-4fe8-925d-588556ac0b17 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
Request Chain 273
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5131077719707519648
Request Chain 275
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=76c38c41-7627-4ab0-8b36-fa447fb60bbb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 276
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D HTTP 302
  • https://sync.aralego.com/idSync?ucf_nid=par-627D96DE43D94E241EAD99688E72B636&ucf_user_id=b84945613eaa2d4a&redirect=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fuid%3DUCFUID%26vendor%3D60114 HTTP 302
  • https://t.adx.opera.com/sync?uid=UCFUID&vendor=60114 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58484/occ HTTP 302
  • https://t.adx.opera.com/sync?vendor=60112&uid=y-uHyfJqZE2uFhuae84.6VQ8cSHj_s1JlDaA6DCKA-~A HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID HTTP 302
  • https://t.adx.opera.com/sync?vendor=60124&uid=2565044197747956609 HTTP 302
  • https://ads.servenobid.com/sync?operaUid=aaed1e65ada645c6873ab4336b6722ff&pid=335&uid=
Request Chain 278
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==
Request Chain 279
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxMzc5YTlmNWU2N2VkYTJjMGNiM2VkOGU4NjJmNWI5MzU5ZmE1OA
Request Chain 280
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YNMUECnRTkiVxmu6GUYmW8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7772786691144388439
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=441d618f-7f4f-4f00-82c3-bdfd40527d67
Request Chain 283
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YY9-TwAEMYX3HgAz HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9-TwAEMYX3HgAz&_test=YY9-TwAEMYX3HgAz
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG530ORnro6lwMDT7KdgA-4&google_cver=1
Request Chain 286
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
Request Chain 287
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b31c5af8-31f4-4ee1-9634-cd3440c83aae&gdpr=1&gdpr_consent=
Request Chain 289
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5d77618f-7f4f-4300-940a-92766e5e65cf&gdpr=0&gdpr_consent=
Request Chain 291
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&dcc=t
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBd0SYtpBLN3I_8BwdRTYhQ&google_cver=1
Request Chain 295
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 296
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29d7bb3b-6bd4-4bc6-bf71-5269efe1a2fe
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639386191
Request Chain 300
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=5663386429566914479
Request Chain 301
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=4n4EkeMpCJH5KQ7B7X4RkeR5WMP5el2W53wMse3Q HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=72a3fc23-db77-41cc-8e33-775ce3e9e5e1
Request Chain 302
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d06f88d2-c273-463d-636f-dba9f0bb8d5e$ip$185.232.23.178
Request Chain 303
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=KZqMKWWnQdlSWO-LvjAX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S22OFGUWV2XNZIWI3CTK5HS2TDWNJAVQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S22OFGUWV2XNZIWI3CTK5HS2TDWNJAVQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KZqMKWWnQdlSWO-LvjAX&us_privacy=1---
Request Chain 304
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7077743617 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b31c5af8-31f4-4ee1-9634-cd3440c83aae HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
Request Chain 305
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=1G9QD6kTatp7&ev=1&pid=558355
Request Chain 306
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28PVHkCmygPC9R4IpL-yKf__4AfC1x3Hu535gOIq2Mb6lNLScT7x4t7gnL4eGKNlyT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28PVHkCmygPC9R4IpL-yKf__4AfC1x3Hu535gOIq2Mb6lNLScT7x4t7gnL4eGKNlyT%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_53791d02-10f8-439f-8726-43427f850b3b&obuid=ENC(PVHkCmygPC9R4IpL-yKf__4AfC1x3Hu535gOIq2Mb6lNLScT7x4t7gnL4eGKNlyT) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://temp.com/
Request Chain 307
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=64586dc8-db40-4846-a6c5-0f9e9a674606
Request Chain 308
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-ZIbHRaNE2pdwPJKrhp0w_iXQ12JgCKFsUKPc~A
Request Chain 309
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=8780639a-4460-11ec-9c5d-b79aa551c8c8
Request Chain 312
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=edcd954d-63d9-4fef-8bb7-e9bf2847e45d
Request Chain 316
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=b31c5af8-31f4-4ee1-9634-cd3440c83aae&t=1639386191
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 318
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=441d618f-7f4f-4f00-82c3-bdfd40527d67&gdpr=0&gdpr_consent=
Request Chain 319
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YY9-TwAEM0L3_gAz&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
Request Chain 323
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YY9-UMCo8XoAADpgcewAAAAA
Request Chain 324
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5131077719707519648
Request Chain 325
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=4ljPKN0glWIsAQQHG5nH&pi=gumgum&tc=1

328 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
filecr.com/en/ 		146 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25 PleskLin
Resource Hash
04a73f77ed71c2b153992670731ad4292f12cb3fdf3ad4eced60b70b39da6ebb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.25 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://filecr.com/wp-json/>; rel="https://api.w.org/", <https://filecr.com/wp-json/wp/v2/pages/57680>; rel="alternate"; type="application/json", <https://filecr.com/?p=57680>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFOgAcZBmIIRYYrDFnWH3AVu%2B9wk%2FDS04mFdyXEtGgH1qqcvJRZ%2Be4bHBRTLf7L4Ru%2BTLfto6iFyhBlMDxiVTzU5wDwKWDBC1MOlEpKkPP5eyGLjzeiZfEGCd%2BHR1XgfqMOcWns01lGX"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ad6d33498915a25-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17641818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2222
cf-request-id
099e998f0d0000374464b4b000000001
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-32ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP84YzeJBT1qS1scHHbfP%2FUHORdtZCxeFp0Pqevo89n8ZgDdImKQsAA%2Fj7J9Ck8By9T3z9LS74nuneeWganuGhCvWN4l%2B5pJNRecvBTSMbVYqS2W9EaFhvvD1nk8stkhwH0gdVZVuwFg2M3voeS4TYhZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ad6d3368d6459ad-MXP
expires
Thu, 03 Nov 2022 09:03:07 GMT
style.min.css
filecr.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5296
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H5LAzHCOKdBOJ5jRR9YXlbzDjQDToXkm593DV9UGwbCGOT6ExSfQBD53ITW39IskEqBrxEULJaXryHQKXO5bd4uwI0qbYawGuZJqlcWetMuGUv3wetbhsCHEnMrwo1L6UbLYfVsfAY%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6ad6d3363c855a25-MXP
style.css
filecr.com/wp-content/themes/filecr/ 		61 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/style.css?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5296
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"19c-5cc72c9e32d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgzAkZni6m2Ea1%2Bo92qN8Bxof0CUQUkiTZ%2B8LirdBmrWWE1EEM42Xn0mjX29r3ULR7o8o02HXq8R2LC8afYX1Fsto4DXuKnflF9ssHxzE5k%2FEbk0uyicNsDOhWoR73Tlfs7%2BWuzS%2Bo5G"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=412
cf-ray
6ad6d3363c885a25-MXP
cf-bgj
minify
style.min.css
filecr.com/wp-content/themes/filecr/assets/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/css/style.min.css?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5296
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-1adb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXoz%2FbiyBtChIwfUHD5kJMQkBB%2FSc%2F3zXHbvmdcowG2%2FTSmjlgEwS0Xdobdaddwb5wJUx9lqbgT9k0xt0Eu577enSxc5hR2YPStn%2BiwoTooj6XzJ33hiQ0pelWqzcFEWVdAuYkX7y2Am"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6ad6d3363c895a25-MXP
main.js
filecr.com/wp-content/plugins/wp-custom-parameter/js/ 		245 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/wp-custom-parameter/js/main.js?ver=1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6819
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 13:43:35 GMT
server
cloudflare
etag
W/"10e-5cc95b36c8687-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buvpI%2FJ33HaL1fP97T%2F3XkmjzYogYaR2f7pnnOys6Ee1lmCI8h2F5AaukW9hQxm%2FrShT2tDrrIJZQLoO55FQtwGxFdxxvjK4jGAP9LCUbi225klu4fDrpGa3APXk0UsunB%2B8oO%2BNy5Zg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=270
cf-ray
6ad6d3364c8a5a25-MXP
cf-bgj
minify
jquery.min.js
filecr.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3685
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdIHawOww83KOsm3ugIJIEGDxPQjfkEVbn%2FL03mgXZX5hXrzn%2BVdqlf%2B%2FeA4pEJ1k6QcZ4%2BPxwWlKnGR%2BUTT4x7nEAoU1e5flapt2cly%2BbxFwEpkGRu2xDgvMIj2IgDJnjto3qE%2BzVNt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d3364c8b5a25-MXP
jquery-migrate.min.js
filecr.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5296
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l5YbHiXUvRPPizsFbTS6htGeQvNIU7bYlvFCqGqZRurg1lejFGXuBuafaObMqKtFFUEB2DdubjTQS7TiDqDZgY6v1wNaB7qQpYiA3ZPqOsGo16ZPkCKJV%2FpXEk%2FfwXKKHsPymMqpFer"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d3364c8c5a25-MXP
advanced.min.js
filecr.com/wp-content/plugins/advanced-ads/public/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.29.1
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1427
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 14:04:10 GMT
server
cloudflare
etag
W/"61795c5a-29e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoI81qZbTV7G%2BCCrCIu7AeSbRJypsUwAhxc5%2FFTqFmwcnc235PSCHH%2FMxN%2B4J5WyYf95BI7woBmBj5yOU9gvxHMVMsTKlcGmVoUjmteOhgYufWVhCnstj6bvM0X12oqmfm53fbZVMuZ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d3364c8e5a25-MXP
dmedianet.js
contextual.media.net/ 		426 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU709Q2E
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7df6918f3e99a25668d4dbf63a53a26658855f54b5d701305233fb25aef2aae
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-mnt-h
10-9
content-encoding
gzip
server
Apache
etag
"0d0108fb5721ff5ec3ed66ec5020eb6e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 13 Nov 2021 09:03:07 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-35
expires
Sat, 13 Nov 2021 09:08:07 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4eec8b4cf378b55ea19a79ad7d75f2e7c46a080f0448fd2353872369493b200d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
36135
x-xss-protection
0
expires
Sat, 13 Nov 2021 09:03:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
51355
x-xss-protection
0
server
cafe
etag
9984758960647962062
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Nov 2021 09:03:07 GMT
Windows-11-With-Office-2019.png
i1.wp.com/filecr.com/wp-content/uploads/2021/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2021/06/Windows-11-With-Office-2019.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
748efbe503f7c8a9ed0179768c11236eae7e6ad32059dab25869aa18e19f61e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Jun 2021 15:17:48 GMT
server
nginx
etag
"3dc98428cc85d8c4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/06/Windows-11-With-Office-2019.png>; rel="canonical"
content-length
6290
expires
Mon, 19 Jun 2023 03:17:48 GMT
Microsoft_Office_2016.png
i0.wp.com/filecr.com/wp-content/uploads/2020/08/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/08/Microsoft_Office_2016.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ddba82e7aa0e6c7402310c5a6ab64775092a5cdd628d88d000d960ae14f1b82e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:06:01 GMT
server
nginx
etag
"af6bc74ae97030da"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/Microsoft_Office_2016.png>; rel="canonical"
content-length
1028
expires
Fri, 31 Mar 2023 02:06:01 GMT
Windows-11-lite.png
i1.wp.com/filecr.com/wp-content/uploads/2021/06/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2021/06/Windows-11-lite.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
67bf69eee163ebb4a96d02b5167c003a52e8952c5728e4101f6a375efb2855df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Jun 2021 11:32:44 GMT
server
nginx
etag
"1f99e3fda4978999"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/06/Windows-11-lite.png>; rel="canonical"
content-length
42386
expires
Sun, 18 Jun 2023 23:32:44 GMT
MAGIX-Vegas-Pro-Logo.png
i2.wp.com/filecr.com/wp-content/uploads/2021/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2021/05/MAGIX-Vegas-Pro-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3a20acc6718a1d758b890762935e185bdcef93c5ae402acd0f0469c37e7b520f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 20:43:59 GMT
server
nginx
etag
"b727025294aeddd7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/05/MAGIX-Vegas-Pro-Logo.png>; rel="canonical"
content-length
4594
expires
Sun, 20 Aug 2023 08:43:59 GMT
Microsoft_Office_2013.png
i0.wp.com/filecr.com/wp-content/uploads/2020/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/08/Microsoft_Office_2013.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
841decde2dd95908450e8bad0163a509bb9e6da009901c2416c2e68dd1a7b682
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:06:01 GMT
server
nginx
etag
"bc12778a21725742"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/Microsoft_Office_2013.png>; rel="canonical"
content-length
4470
expires
Fri, 31 Mar 2023 02:06:01 GMT
Wise-Care-365-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2019/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/10/Wise-Care-365-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5d737bea2381c492cb203ba6f86d39ba15aa569af7acb086d2bf37475d0689e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:37 GMT
server
nginx
etag
"1b98ffd694b63cac"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/10/Wise-Care-365-logo.png>; rel="canonical"
content-length
2872
expires
Fri, 31 Mar 2023 01:04:37 GMT
icon-Hallmark-Card-Studio-free-download.png
i0.wp.com/filecr.com/wp-content/uploads/2019/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2019/01/icon-Hallmark-Card-Studio-free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d499569b7fd8f7e2ea1d2db03346b0bd7791ea9ba114b3d69d80fcaeeafc426a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 17:13:01 GMT
server
nginx
etag
"4f7462449716e95b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/01/icon-Hallmark-Card-Studio-free-download.png>; rel="canonical"
content-length
6810
expires
Sat, 01 Apr 2023 05:13:01 GMT
Icon_Autodesk-Revit_Free-download.png
i2.wp.com/filecr.com/wp-content/uploads/2018/11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_Autodesk-Revit_Free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4ae4475c038ce883f487a380e71a433292eb32e92dd409b01d4f0327044de18e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:18:50 GMT
server
nginx
etag
"39966e163b56d576"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_Autodesk-Revit_Free-download.png>; rel="canonical"
content-length
1370
expires
Fri, 31 Mar 2023 01:18:50 GMT
SnapTube.png
i3.wp.com/filecr.com/wp-content/uploads/2021/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2021/05/SnapTube.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
bcaed03e08f7c64607442e34049408f9644e7f8742b7f6461b513afc207334dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 08:35:07 GMT
server
nginx
etag
"f6149f2d0f12cb63"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/05/SnapTube.png>; rel="canonical"
content-length
3326
expires
Sat, 27 May 2023 20:35:07 GMT
psiphon-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/psiphon-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
885adf90cbd374aa089e03173990d608d5ff78aab43e98f9d7afe2819118fca1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:09:34 GMT
server
nginx
etag
"d3be616dfb69c085"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/psiphon-logo.png>; rel="canonical"
content-length
1976
expires
Fri, 31 Mar 2023 01:09:34 GMT
RAR-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2019/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2019/11/RAR-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ae5c83f204f2c4792a8c4953af1c83fb1c2305a0b3186e0fb2e690fef3b60ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:20:36 GMT
server
nginx
etag
"4478dd644b923c29"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/11/RAR-Logo.png>; rel="canonical"
content-length
1992
expires
Fri, 31 Mar 2023 01:20:36 GMT
PhotoDirector-Photo-Editor-Logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/10/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/10/PhotoDirector-Photo-Editor-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e42f6b525b560f5a3fceea51b80b88c0fae967e1a7908cd8eb853714ced86625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:16:47 GMT
server
nginx
etag
"ada7d1e8f80c9698"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/10/PhotoDirector-Photo-Editor-Logo.png>; rel="canonical"
content-length
9688
expires
Fri, 31 Mar 2023 01:16:47 GMT
fotor-photo-editor-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/fotor-photo-editor-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c285303264d893f3a1cdf371591e85839fa11a23a81a55d851a5d9a9959f39c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 20:33:08 GMT
server
nginx
etag
"89e2701e5cbe43fd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/fotor-photo-editor-logo.png>; rel="canonical"
content-length
1246
expires
Sat, 01 Apr 2023 08:33:08 GMT
Smart-AudioBook-Player-Logo.png
i3.wp.com/filecr.com/wp-content/uploads/2019/10/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2019/10/Smart-AudioBook-Player-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ae43f43ea7b2990cfa6dfdcaffdb361ec4b15972b989750ea3a94cd4ffa085c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 23:39:36 GMT
server
nginx
etag
"a632dfc230d04621"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/10/Smart-AudioBook-Player-Logo.png>; rel="canonical"
content-length
1242
expires
Sat, 01 Apr 2023 11:39:36 GMT
Elevate-Brain-Training-Games-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2020/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/10/Elevate-Brain-Training-Games-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
145aacacbdc91f9483deae94c9e2c9b6feb0443d238f75aac1fb394f5a647adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 01:36:50 GMT
server
nginx
etag
"fd9ec812f931245d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/10/Elevate-Brain-Training-Games-Logo.png>; rel="canonical"
content-length
6058
expires
Sat, 01 Apr 2023 13:36:50 GMT
powerdirector-icon.png
i2.wp.com/filecr.com/wp-content/uploads/2020/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2020/05/powerdirector-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ada291c40e0a9e1a16027017afca21159ce7d9e65f4235c268e879777001c59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:44:49 GMT
server
nginx
etag
"e365e2c03bc40b29"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/05/powerdirector-icon.png>; rel="canonical"
content-length
3518
expires
Fri, 31 Mar 2023 01:44:49 GMT
Athentech-Perfectly-Clear-Complete_Free-download.png
i3.wp.com/filecr.com/wp-content/uploads/2020/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/04/Athentech-Perfectly-Clear-Complete_Free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
301b7f90883a5eae0d1ca90254142e6efec3cb42f61d1a25b9509353575052b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:43:29 GMT
server
nginx
etag
"00942bbc192a5222"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/Athentech-Perfectly-Clear-Complete_Free-download.png>; rel="canonical"
content-length
2998
expires
Fri, 31 Mar 2023 02:43:29 GMT
Icon_4K-Stogram_download.png
i3.wp.com/filecr.com/wp-content/uploads/2018/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 16:25:23 GMT
server
nginx
etag
"7062f5e5d4dae892"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png>; rel="canonical"
content-length
3176
expires
Sat, 01 Apr 2023 04:25:23 GMT
Icon_4K-Video-Downloader_Free-download.png
i1.wp.com/filecr.com/wp-content/uploads/2018/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Video-Downloader_Free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
16b9e32d2030053b8337c5597c606a4903c783429172b9b47375821b60eb8c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:37 GMT
server
nginx
etag
"3aa3f93d2a4a815a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Video-Downloader_Free-download.png>; rel="canonical"
content-length
3842
expires
Fri, 31 Mar 2023 01:04:37 GMT
VMware-Fusion-Pro-11-Free-Download.png
i1.wp.com/filecr.com/wp-content/uploads/2019/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/01/VMware-Fusion-Pro-11-Free-Download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
bad6e1ed92fe187e743458017d2aad31b26c3288f8503e6214c56ddbbae04d69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:20:37 GMT
server
nginx
etag
"5dbd34cb0eb0c79c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/01/VMware-Fusion-Pro-11-Free-Download.png>; rel="canonical"
content-length
3334
expires
Fri, 31 Mar 2023 02:20:37 GMT
extension-feature-image.png
i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 11:51:17 GMT
server
nginx
etag
"d80f3bfe22caf697"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png>; rel="canonical"
content-length
10528
expires
Wed, 24 May 2023 23:51:17 GMT
script.js
filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		2 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.10.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3471
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Jul 2021 11:56:39 GMT
server
cloudflare
etag
W/"60e59677-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BpViEZ5KZst59S%2Fpcm9aylwmLJF9QrwTbdCdwC%2FttiVERbwxR0r9n0ZcRtawVPGOmrgtoqQykLcut8a2jIccCRkLjKMHSWoM7mOE9LT4wudPHPGw0qAdUW9nKb4GFlTLRsgtnV1F6iL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2962
cf-ray
6ad6d3368d4c5a25-MXP
cf-bgj
minify
ads.js
filecr.com/wp-content/plugins/deblocker/js/ 		126 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/deblocker/js/ads.js?ver=3.1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6818
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 21 Mar 2021 11:33:20 GMT
server
cloudflare
etag
W/"33f-5be0a50e9c000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tdfh2ZXqK1olyAJllECvn4f1Y2dY3U9esUbuJu2bm4hxivxHq3V566SxRxnDIgB662KQoCPGXODR%2Bc3UiJXqVdR07jg6dbsy44SRWKMfEUOvJaIYGwZSsIHgvOrWTtf2VoEADQ8EapAK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=831
cf-ray
6ad6d336adac5a25-MXP
cf-bgj
minify
advanced-ads-pro.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.14.1
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3b63b8204bb5b1c874110eb937fa664ba86fa33df179d11384dcbad188f434c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3471
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 14 Sep 2021 18:49:12 GMT
server
cloudflare
etag
W/"6140eea8-152f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BYccpndx3bym709t2m%2BIcdcVTge8cduoRy%2B0qeVVkhI4djNcSqVigTEbiSJUDnkRlAap7qV4S1I0l4zIiGnC0iDBmRXwK3UlOMycxXjiqpD3xhRKNxPHEaXbuL50nNgEFDJ2wgjrPwf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d336ee355a25-MXP
script.js
filecr.com/wp-content/themes/filecr/assets/js/ 		272 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/script.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5295
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-4d0f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHlIreii7xVgfch7IErD2smJTDGdwrK75%2BBYCRhoEgVBr9k%2FHHC1XEpKHvq4GhbZCQk3yt4MH600UxZESX%2B7xm1ZpyuzDNUaurP9NDFgK2nOnYhVszmk9JgSm6qlo0ScXQ4m%2BeJN4K%2Be"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=315638
cf-ray
6ad6d336fe435a25-MXP
cf-bgj
minify
ratings.js
filecr.com/wp-content/themes/filecr/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ratings.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5295
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-f89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXtKdjKaf0sBXxg4s2G51X45uMGVAlFqg6JYHhxTcSIu5Qj5S9MYaQzStGWFNzg2pUd5QLv9SFuwMpR2jFY7vvR2mljDcibNNE3RtrH86r64jPOhMTk3P%2F7EP7fNph6QWY2JqhmM2o7z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=3977
cf-ray
6ad6d336fe445a25-MXP
cf-bgj
minify
confirm.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/confirm.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6817
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-842"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSL9%2Fc3bC91yvGg5ahryBAokXxJo2LEyWR%2FrFFKDk15p3ZcFDPDk%2Bz0Y3wt2%2BPEmR2N20%2BZGb955No%2B1SumozlSazp39a3vS7g4n9BYLnhDncIm4EktKMOUC%2Fz6m%2B221tEdSfLSdAHe2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2114
cf-ray
6ad6d336fe455a25-MXP
cf-bgj
minify
ext-notification.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext-notification.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2394
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-88e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mnm8tc5M3%2BgMVZAvcNQrFuw7noyibmAkRhhTYUS%2BHFFi%2Fs1n%2BjlS2UCheIKuZI1r%2F8T3vA59aqUuGYbXvnRmf8Hnq6jl%2BDpEa9j7hK4CrHUBTD%2Bkw7QHhICExzz%2BxJlpdH26fLNYyiHV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2190
cf-ray
6ad6d336fe465a25-MXP
cf-bgj
minify
custom-front.js
filecr.com/wp-content/themes/filecr/assets/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/custom-front.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6817
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-47ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpQ6YQFnQ4g6ImHhAiVuiViQRzVKoaAyz%2B1NY8sWFvNSqDpcmdKjg7VLVQ1tNlZJEOsIvg1oqJsZORGcfoCSIL0F5aZgRAYMF38%2F%2FwAXcezUouOdj7BNkkrxJQDqdJCtFyxHyuLYoQat"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=18431
cf-ray
6ad6d336fe475a25-MXP
cf-bgj
minify
ext.js
filecr.com/wp-content/themes/filecr/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6817
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-36a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vII45l%2BtBHf3%2F9mLgp4rvx%2BqgkVAoTXq%2FHOnpkc0gv3XQ9c9TuZsmizSUudzpJpKipzv6a8XZNoEPv437mL2iBezbN8Ps02G%2B3Ai7JFZna9LYMmNlmg6VA7RubCuQ6mGeDAy10U4lRtD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=13986
cf-ray
6ad6d336fe485a25-MXP
cf-bgj
minify
base.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.14.1
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a4d0cfbf6f74dbad3eb854323ca38e4154c6e49f97636dab357a8adce6ff8db8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3471
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 14 Sep 2021 18:49:12 GMT
server
cloudflare
etag
W/"6140eea8-16b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPMlFbcVbqa%2Bk%2FlN5%2FIIJDy%2BozZOzAcd%2BBuVMN9AGBpiP1ZFFnrgdtr4jCnuEsRAqriBJer0baX8rV9z8qksbWK8N6IwSD5bhx7rYo6vCy54q%2FSWsF5aIKfdhbR%2BtCKFlMlFjbeXHvg5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d336fe495a25-MXP
wp-embed.min.js
filecr.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5295
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
cloudflare
etag
W/"5ff5d754-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cyBA7J5iyZIPIcKvktQLYJNFRAW9l7XS0pniC%2BJdIuxppDbNu9BmGoWbBSKPYx5azSC3N5%2B73nor1e3U6Y7M7ZzaNy9%2Bd9P6eh1fLvI0p6QxqeqsEI47D6vYofPod3CxtGhFok%2FLoGB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d336fe4a5a25-MXP
wp-emoji-release.min.js
filecr.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94410900864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5295
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwhjwI8BgG9ob0epVnJrNo65K%2Ffb7Z1Q0hup2%2FA7e6XRGimBEfWA0IVdijTRolV45%2F5BacB4BgsV4I8OWqKmx4E9iJOPqcsOokiez1OFr6KHfZnP303JUc1yadYMNnakOenn2OUjALoO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ad6d336fe4b5a25-MXP
filecr.js
cdn4.buysellads.net/pub/ 		591 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
51b1c0e083f88a9cdcbebc4e01212bfc778f0a82e85d0b8529ae1a769cf1cbea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 08:57:57 GMT
server
NetDNA-cache/2.2
x-amz-request-id
EVQGR4C145GW5YHC
etag
W/"cd5efc4419856937c7ef2de6eea27dcb"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
N0YrJKE/TeC/wPCSQqzqn2ywA+CTZKS9pfXce8dDh7la3Zh1sjkma97OY9N8chrx9KleLMP9eAw=
expires
Tue, 08 Nov 2022 09:03:07 GMT
Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
396406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30064
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-7570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTu6sF%2Fzog0yE0cq%2FcNBQ9kTxRm2gxJTeFO7ohX3223eLyOQSicaxxHMlu0%2B3VhHpQ4yaopt2QwRv5WipbtJlD1sey9Y6XzgaZcvpo5HxPuxT7NwEaKlEpUXnNXozP4AwmrQREyuBzCJ35VtV%2Bu98gSU"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ad6d3372ec959ad-MXP
expires
Thu, 03 Nov 2022 09:03:07 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
comm
webcrx.io/extension/ Frame 4834 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webcrx.io/extension/comm
Requested by
Host: filecr.com
URL: https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnFj4DaaBd5MAxpOQyIZFxogjVKfqCS6OFybVpN9pgVzAjlD4d9pi36fSomcXoYvGcIM18F8lueqR0IPngZ6kFdcAinxlA5lVCOcneUYgbuu1mao23uQ%2BFcFO3O%2BB7J9wpmGznI4QxI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ad6d3388915375b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08ea0fedbd4d5d95244537e3a58464d99e6e94e4868455954b9818edf7e1ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
51381
x-xss-protection
0
server
cafe
etag
11293199948906094009
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Nov 2021 09:03:07 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
98309
x-xss-protection
0
server
cafe
etag
13474340241825499027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Nov 2021 09:03:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 56BF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 13 Nov 2021 08:20:20 GMT
expires
Sat, 27 Nov 2021 08:20:20 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
2567
cache-control
public, max-age=1209600
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1042 / 475 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26742
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 09:03:07 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.843946561774587
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
5PNGGHG9P1D9BCKR
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
Npih+ENezgIQmmEh09ypN2xb6HKhkYoIKZHUNb62pQcvimq2GVh1VdT+mQF1qs1XBSL5dAaxVlQ=
expires
Tue, 08 Nov 2022 09:03:07 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.843946561774587
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
5PNKPS3AT9C78TRS
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
vt3fip7gfncp3UAozrRtrym37dcWIaEUXB9QPXY9C+qcWiQOUvRwMjdNJLvWmJjNo1uu32gzI6k=
expires
Tue, 08 Nov 2022 09:03:07 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3721
date
Sat, 13 Nov 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sat, 13 Nov 2021 10:01:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		200 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=filecr.com&callback=_gfp_s_&client=ca-pub-3553508983172692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
778cffaf613e570286978326feeb5c293c32d8fad04cad5344cb2abd3cb87666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
clear
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tn=DIV&id=site-alert&cls=alert%20fixed&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1C3B 		152 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1636794187&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187670&bpp=3&bdt=461&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5669502766711&frm=20&pv=2&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6333cd2417a043d595e5b6fe830a0154dc0d56d6c282e74f8709623f9effb17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
42808
x-xss-protection
0
alt-svc
clear
expires
Sat, 13 Nov 2021 09:03:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame EB27 		87 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bad63fe628ef1a8d92457e8270efe6896076cd67a48e06a24be04f54f7843c35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
31299
x-xss-protection
0
alt-svc
clear
expires
Sat, 13 Nov 2021 09:03:08 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1969751287&t=pageview&_s=1&dl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&ul=en-us&de=UTF-8&dt=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=708810852&gjid=2009383045&cid=1400227792.1636794188&tid=UA-139662474-1&_gid=363967678.1636794188&_r=1&gtm=2ouba1&z=191684866
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 09:03:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filecr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
45
x-xss-protection
0
expires
Sat, 13 Nov 2021 09:03:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A350 		69 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48d4e31d17390e2dc2cc21ab22aeadb9237a5f5726aad1a67bdf85465372d51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
28036
x-xss-protection
0
alt-svc
clear
expires
Sat, 13 Nov 2021 09:03:08 GMT
cache-control
private
localstore.js
script.4dex.io/ 		483 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2250042
x-amz-request-id
txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2
txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified
Mon, 18 Oct 2021 08:01:51 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KWjVDPa4VKyw7IiyYVU8hyEcmbfiaH2p2H%2FxBAF%2Bm2Db1R5Qw0pC17fbx1RiPqCPKElsbV4KvhLxoMHZ9AaBBA%2Fz1Ma07vu87iSZgy2s%2FZjdmFVHeNfOpj7SnBcn7Wdik2Tm6hsS3kk91NI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1634544111259554
cf-ray
6ad6d33cf85d0f7e-MXP
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Sat, 13 Nov 2021 09:03:08 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9518434f960a182a8a80f0e47694b7ac596acc6545c9e42d6f867e3fbbc366ac

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4271
cdb
bidder.criteo.com/ 		18 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=55959602542
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
adreq
ads.servenobid.com/ 		699 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8183
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
161bb8d37a932eb15170c2309bec48da7d09e01df1d4eca3be007599b904ae9b

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://filecr.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tk_flint=pbjs_lite_v4.43.0&x_source.tid=f27b5ad8-448b-404d-a1ff-ea6c0650c732&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5335771710050239
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f60e4ad0c0a17f5bf1b1c580ba75d741b2feabbb5e215cbd75353aee3d0f7852

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tk_flint=pbjs_lite_v4.43.0&x_source.tid=715882fb-3152-4c12-afe5-8b4b5879d008&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5973189687459075
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
55b2aa83790596c302fa2c691f98b46cd863b1ae8adf189d45df8bbcb7b063d5

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tk_flint=pbjs_lite_v4.43.0&x_source.tid=4eead3bc-50f3-4870-993d-0b08a9b7d41c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5407080175841159
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8d6c1a43a17be9da61be84778982b8c21d4cba89ad69c017f6d28c2deff5d74c

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tk_flint=pbjs_lite_v4.43.0&x_source.tid=03bb71e2-207d-4a30-ad25-203a3d7d0473&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.781370145512289
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
38cb746a6352c72e8d0a1d25e0976b2dfa2b33c96d92899fff483f84c4c29812

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&tk_flint=pbjs_lite_v4.43.0&x_source.tid=2a1ea8c9-868c-4804-bb53-dd8caf6183f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.01351442984292106
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
aa4313c8f21587e748268c9985e71b20119a7fefa6cd42703336fa347502cdc2

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1636794188269&secure=true&version=9&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&measurable=true&bids[0][bidId]=23d5164d8a568af&bids[0][config][property]=6115725d81c45d000f945f3e&bids[0][config][zone]=FileCR_S2S_Leaderboard_ROS_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=24fee7f8a824de6&bids[1][config][property]=6115725d81c45d000f945f3e&bids[1][config][zone]=FileCR_S2S_Sidebar_Right_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=600&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[2][bidId]=25565f0cfb5d583&bids[2][config][property]=6115725d81c45d000f945f3e&bids[2][config][zone]=FileCR_S2S_InContent_ROS_Pos1&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[3][bidId]=26ab484407e1c83&bids[3][config][property]=6115725d81c45d000f945f3e&bids[3][config][zone]=FileCR_S2S_InContent_ROS_Pos2&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=272caaa1a37b2ff&bids[4][config][property]=6115725d81c45d000f945f3e&bids[4][config][zone]=FileCR_S2S_InContent_ROS_Pos3&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&property=6115725d81c45d000f945f3e&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4e38f3bada67f21b0cd8f6d80fc0eb4e00db3376ce23e10f57d4198e49f42d85

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:08 GMT
x-powered-by
Express
etag
W/"38-ofI4P9ahAeskmPwrfiumtuHp+Wk"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		583 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
db697fd676dce217334d446b218f2c6b4a8e6d21baad158d5bf174f6e9639545
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 09:03:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f8baea8c-3705-406f-a6e7-4ae1b6274572
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&CanonicalUrl=https%3A%2F%2Ffilecr.com%2Fen%2F&PublisherDomain=https%3A%2F%2Ffilecr.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e376d262896b627dc718e127e91def860389c8ec1df39292e7ecaf279286739b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:08 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
prebid
mp.4dex.io/ 		99 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41a29d493480b7be81393fad7f5edb85fe59632f403abdcee92367c95852204
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ad6d33d0df9374d-MXP
server
cloudflare
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280b04cd001d&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
dd6ae851545d8c9d4ddf9c4fdb5b5be9d5117feeb50fc7a139c3e8e86b873d18

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
317b82c9ad19ba5131f7bd4046d849515c6edb77aaacaceab65ae19b30deb556

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1e337068ce953a62bfd5194c344846aaba3f404df2f85c76006f51cffafe1dcb

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280be73c001e&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
630591a94717bf0928577242eec0a467ff45475f3cee67a9f1b2d3c64d292b9f

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691a0017c7c2769342812c4ac0020&pos=8a969d17017c7c2764ee28140f1d001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fb4629a480d46bcee6690079f29a9cd03084758fe28ec696eb4b1c0970d2263a

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7e309ed2b8ef0413f3ef7afed63f7111ab791f80e128042ee58c7f61b80cbef6

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280c36f30017&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1df7816f0704cb8087e238d0868d7eeb714c635f1bb705e471defc8aad078457

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
bc3408cac4118bebf9f1d478191fe07f46b5d579da8548aef66e3d5b26eccd8c

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6a16bfb3712d2de0b847d073249eda013d9c270c6ce949ea0cd02c65bd5d130f

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a5412f10babb1a268575accb85b5fb60afa8ced50e98e7a1a8473b1def892850

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://filecr.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2250037
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txd978c7f44abf4dacaf3bf-00616d2a15
x-amz-id-2
txd978c7f44abf4dacaf3bf-00616d2a15
last-modified
Mon, 18 Oct 2021 08:01:50 GMT
server
cloudflare
etag
W/"cae476c264f28e37aca638d685ba55b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDp4Pl3Q82Z4A2mkBjbai2YyB4m66JdIhf2NFsmOu4hcMYg0249YDYyhIX1cSXj2bJEee1Od5HhJdZxz%2BJqV4kczDTMpEPJAln0o566OmqShijvy3nZbhVIP%2BOcQ0RQHZ0MLiQyrVMbMCSNl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634544110326910
cf-ray
6ad6d33d6e87374d-MXP
access-control-allow-headers
Authorization
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 		147 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82306ee1c73645fae41bfa4f4e61309db035fd5a07e56b6f35519700db64234e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
53467
x-xss-protection
0
server
cafe
etag
8418792491725364551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Nov 2021 09:03:08 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame 365D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 13 Nov 2021 06:42:24 GMT
expires
Sat, 27 Nov 2021 06:42:24 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
8444
cache-control
public, max-age=1209600
alt-svc
clear
12688229624636001290
tpc.googlesyndication.com/simgad/ Frame A350 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12688229624636001290?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4VwJfKKEi_391P2NbiFEdvnhFOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 04:05:45 GMT
x-content-type-options
nosniff
age
190643
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
46457
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Nov 2022 04:05:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame A350 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:47:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A350 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A350 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 09:03:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A350 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:52:28 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A350 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 19:25:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
11380
x-xss-protection
0
server
cafe
etag
3114995264824872082
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Nov 2021 19:25:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A350 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Chy60S3-PYd2kOcT91waOnrvQCZ7Rn6pmi_ms_soO6PiR_JcdEAEg1cKUdWCV4pCCoAegAb-1xrwCyAECqQLXvtnHzYC2PqgDAcgDyQSqBNwBT9CipHvY33yAJ5HiZ9C0EuAH8nmTbeVNPUw3Du7yTJQ6k0UKUNwOWeCg8IKOl46uIXHfY8EjHfu8VlrlSFNOKFQG0JjFOnGoBunb9rqZVb6lCX15RpdgLeNbQXFS4Dhww_VT1rolFmsrYAN4MSgkxitRJEGsq0uSFfoXMPXSWXCmIkCktE2bAEqdnwCvi6jAZT_JbqFzoFTPHFYMnkdX1sA3YG9I9fW86AUP8CAxRFcFA3F2lZW0UyKibl7PQFlo0jeeihlsFfwHTkrvMHhue-nGumWV7egQi2vg6sAE1uOC2dQDkgUECAQYAZIFBAgFGASgBgKAB6nKucMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQsdEs0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM1NTM1MDg5ODMxNzI2OTIYAA&sigh=tWwHCrH0X3g&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Nov 2021 09:03:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Sat, 13 Nov 2021 09:03:08 GMT
css2
fonts.googleapis.com/ Frame 365D 		4 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 08:02:04 GMT
server
ESF
date
Sat, 13 Nov 2021 09:03:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 09:03:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 365D 		205 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 16:14:01 GMT
x-content-type-options
nosniff
age
60547
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 12 Nov 2022 16:14:01 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 365D 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:59:34 GMT
x-content-type-options
nosniff
age
140614
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Nov 2022 17:59:34 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 365D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
8107
x-xss-protection
0
server
cafe
etag
4972561305884240788
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:56:37 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A4F0 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 13 Nov 2021 08:37:41 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1527
alt-svc
clear
css
fonts.googleapis.com/ Frame 96FE 		3 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 07:58:17 GMT
server
ESF
date
Sat, 13 Nov 2021 09:03:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 09:03:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 96FE 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:02:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 96FE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:47:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 96FE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96FE 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 09:03:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 96FE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:52:28 GMT
c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame 96FE 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 17:41:23 GMT
css
fonts.googleapis.com/ Frame EB27 		3 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 07:56:42 GMT
server
ESF
date
Sat, 13 Nov 2021 09:03:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 09:03:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame EB27 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:02:03 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EC01 		143 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 13 Nov 2021 08:37:41 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1527
alt-svc
clear
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame EB27 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:47:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame EB27 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB27 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 09:03:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame EB27 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:52:28 GMT
c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame EB27 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 17:41:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EB27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTJwpS3-PYbnONoGFxgLi0rGICMm2yeZkx5XK2fYJn9Dtu5UOEAEg1cKUdWCV4pCCoAegAe2zhcEDyAEJqQILlPdm_jKzPqgDAcgDywSqBNgBT9DV_-_DQzSEZ5Nuc-ByfvqQ6kSWY5TaHFIO0c-Ue1lvVb6gEQFGR_k8b6kx4adb4fg0tyBZUQJcxrBjSxyrbBHekubGeUp0w1lGIlcNtGb2VvZ7ckCbvLeO5iMdrE5enFVad3W3LR-mbPffs0oFtBR-8JcbX532uFD1i0dX_QlPmlhbKprlB4nh1UeHwogbZkHr4t0GmP9L2MvnjlgJgfiQLKsXnLYEfqiy96h_OYn-fquUTaodDIJrHDrruKEY4pmXL9rI02TFRtQ2t8oVwrFLIVp_LH-WwASv_-DjgAKSBQQIBBgBkgUECAUYBKAGLoAH-8v6PqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELHIVdIICQiA4YAQEAEYX4AKAcgLAbgTiCfYEw2IFAfQFQGAFwGyFxwKGggAEhRwdWItMzU1MzUwODk4MzE3MjY5MhgA&sigh=WvoY7xwxR_M&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Nov 2021 09:03:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
truncated
/ Frame EB27 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame A4F0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Sat, 13 Nov 2021 09:03:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC01
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Sat, 13 Nov 2021 09:03:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 13 Nov 2021 09:03:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		152 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2678708164934123&correlator=2319757786490902&output=ldjh&impl=fifs&eid=31063206%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8691100%2CFileCR_S2S_Leaderboard_ROS_ATF%2CFileCR_S2S_Sidebar_Right_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos2%2CFileCR_S2S_InContent_ROS_Pos3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C160x600%2C728x90%2C728x90%2C728x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508894724-7_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508935810-9_123456%26optimize_inview%3Dfalse%26hb_size_sharethrough%3D300x600%26hb_pb_sharethrough%3D0.14%26hb_adid_sharethrough%3D67650ea15cf96ba%26hb_bidder_sharethrou%3Dsharethrough%26hb_size%3D300x600%26hb_pb%3D0.14%26hb_creative%3DBVbSRuzbUWjBEF6bQrmLHKkX-3841540%26hb_adid%3D67650ea15cf96ba%26hb_bidder%3Dsharethrough%26_bd%3Dbid%26_pl%3D0.14%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629214863639-0_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215045012-3_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215230348-3_123456%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dfilecr&cookie=ID%3Dfc87a1460e26a851-2234583251cb00e4%3AT%3D1636794187%3ART%3D1636794187%3AS%3DALNI_MYP5x0AVo-Xb1IikNK_7IwsSXRpCg&bc=31&abxe=1&lmt=1636794188&dt=1636794188654&dlt=1636794187208&idt=757&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1073%2C200%2C200%2C200&adys=3100%2C453%2C522%2C1540%2C2558&adks=1202396793%2C1436553605%2C1058625133%2C1413693914%2C3977682169&ucis=1%7C2%7C3%7C4%7C5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&msz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=true&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C0%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
eec3b619999b1d35f59aa561731b7d64623b0c7bbb6aaee35cabc5bc394eefeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28494
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filecr.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A80A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 13 Nov 2021 09:03:08 GMT
expires
Sun, 13 Nov 2022 09:03:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
truncated
/ Frame EB27 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89e53ebca5f0fc3cd2e66b68b2de01494b9612c27d28bc935994978d19eb47a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame EB27 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 02:15:39 GMT
x-content-type-options
nosniff
age
197249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 02:15:39 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame EB27 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options
nosniff
age
398502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 18:21:26 GMT
truncated
/ Frame A350 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17c75b4dcae5ab3517f9b90ba0e00d3aa9a103be31495c7eda513111cb1e7e4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 9FF2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/243943458127976986/ Frame EB27 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/243943458127976986/downsize_200k_v1?w=600&h=314
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb7f11ed662ecbcf3ac062732a680aa286d5911ff6028a7e705efb9a23bceeb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:36:25 GMT
x-content-type-options
nosniff
age
80803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
34646
x-xss-protection
0
last-modified
Mon, 26 Aug 2019 07:31:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 10:36:25 GMT
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 6688 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=3145558973&adf=3712879507&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187673&bpp=2&bdt=464&idt=180&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l2PbWyQQKd&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame AAE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=1761166534&adf=3132200020&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1636794187&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636794187675&bpp=1&bdt=466&idt=225&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=5669502766711&frm=20&pv=1&ga_vid=1400227792.1636794188&ga_sid=1636794188&ga_hid=1969751287&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062938&oid=2&pvsid=2678708164934123&pem=858&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AIOw0PkKLO&p=https%3A//filecr.com&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7be2e7406b3bc5fc882af9b3cb4479fd460bafd405b01fb9b448c0740185f18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9254
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 13 Nov 2021 09:03:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0C24 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 12 Nov 2021 20:35:44 GMT
expires
Sat, 12 Nov 2022 20:35:44 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
44845
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame B69C 		783 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03a8441bf3cc77d028816d64bd11cd4269470bd17c10344e45a745ae6790b30a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x4M2YN8niHtqk2cXo2OH8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 13 Nov 2021 09:03:09 GMT
date
Sat, 13 Nov 2021 09:03:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-x4M2YN8niHtqk2cXo2OH8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
clear
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 0C24 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B69C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=2678708164934123&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=2678708164934123&bg=!GhmlGV3NAAZQLpa_UC47ACkAdvg8Wj_ezYelpqhfqzDjvxI9gnXM-7Zbh5dLVlW5LicLviKF37s_lwIAAABXUgAAAAdoAQcKADXYtXacF67BnD8aojHnOE6KRVqeloYwzt77AXBlLsZgP6AQNAzFkvwAfPOX-wLTzB6JBL2YuJkCuU_tiHMq9OutjlSL_Y1XmqOZv-CcZ-EPrTqDjDTl0tsjRFwQYn2hGpFAURY6s8g1vfI4mIwF2365Db7pnt8FeDqei-6mlglWbBbi9aZhCG-wYci0t2hNp3t9pO8J1yrZQW-QfJsh_VKHi1Id6CsKkAq2bQSzAJnDgjDxyevwy9OdywvF7A7gXZ3idknf0VyRHUWqf7FKQaPmR57A8XgnziKU2nryuJSLK33gUe9lc_4YsSOkAY8qWkRYVmOXjzTYQ7O3t0OdvMn9A-OaIYn0d4mpL3-CeDd3ckda-tnXvC73LOtBe1YBMvAhciX6VTJCCZ2kLsPbWap4A7BEpEmqpUc0P1CgFkYXNK5sNPpeRDUAfQHWDoMhzGLK_DZ1viOI9nNTNeHeWqwBPGExh-AYoFH03WWdkD76_L1-UZX6IMHVS0CIJJlgjpDhdqp2MsuOWUQtWKWHdjXqt4356A-EAiNL4fT1_ARC58iiVjx6tl1Jvcxx-3kHYOCP6ZJk407xkRFGiJZVQOhNzlMg-P1HVfIU8AZvjqM6XTi_O4czZkYXtraNSEIhK2tIDSbaSaZa7O4PR1fGkM9FMD_gDw6EjW01EXXpNFgXICANeyUv0ZAv70W9jAucszjcQUG2fS9g-nctUVMwEAtUY53miSCzlJkazCD1YLs41YJiCwJ2zKCER9rq6r3rdF5qJSR9E1g95CSS-pRU8CvMkqaiYDTzMMgxQy6foIr5g4c5VyM3GGhcbBQbdIbWLjLhmalTJw-0q4trMO3SJk7DxT7-9sQluEanpZ-q8901hhgwRoFF87eL8VRUVWvAsbWTWNNor1QgH8NsQo9w8_LWqDnyBEbXhEXtD4jWb8U1loFJsaSz_muTWLn0a1TAmxNzM8XiO85ljtPZAllIF3sz6e-nJzGNEgp6NwfDzYvhsO8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame B9C5 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
55667
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame B9C5 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4996
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame B9C5 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28494
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame B9C5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1635
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame B9C5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
12816
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
truncated
/ Frame B9C5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ba1fad3df2fac0d0f219465ee024b2400bc84e02a6d85f7e12f2a6147a71ad3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
15117049097858125014
tpc.googlesyndication.com/simgad/ Frame B9C5 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15117049097858125014?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlSr-Quu4VvLySTDE1KHUBkgLFCbA
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
588602d1773a061ce5690cd0d166e05a3458322a52a1b52bc05c44dcb7acb482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 19:49:39 GMT
x-content-type-options
nosniff
age
47610
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
111401
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 13:40:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 19:49:39 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9C5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
12669
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9C5 		295 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
33610
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Sat, 13 Nov 2021 23:42:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B9C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTBa6TH-PYYyXLK6ZrAS-2KKoDoX8zbdmoavdwIMP2dkeEAEg_N_oGWCV4pCCoAegAfGD_ZUDyAEC4AIAqAMByAMIqgT0AU_QT45mWdGcV_p_yZ7QXC95SgT4tnaMpDBX1svRuKdOZfQvIuRNEMjKqnhYkyTRkMCkb1UD5R_5256LEElBjIWGX-zS2wik5FVP0CRba2Tl6HLiV2kxLXZ2yQggYGKF6wJTcw1Mtsxev6rZov6FuvPBcYBQA4cyleoGk4tAwfeVZ3HG2nMpxjHZkiwOUYTwxNpQWtCQi4FFF6zjNTkDPPSK86VfGEiyMDqMt6kIZmAyqr24rPcA2q_A_cJZa65mbsReznX-jC-2JfmXL136Mz2ov_mNqV5ksnQAl-xWD_1ZJHsc7QzyXHgwiKBIGnyqGWLeE5DABMKv8rfpA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeF7blrqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQieED0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTIwNDk5NDgxODAwNzkyNjQYnJMP&sigh=-aSrzPufiBY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame C979 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
55667
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame C979 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4996
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame C979 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28494
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame C979 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1635
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame C979 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
12816
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
12688229624636001290
tpc.googlesyndication.com/simgad/ Frame C979 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12688229624636001290?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4VwJfKKEi_391P2NbiFEdvnhFOg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 04:05:45 GMT
x-content-type-options
nosniff
age
190644
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
46457
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Nov 2022 04:05:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C979 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
12669
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C979 		295 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
33610
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Sat, 13 Nov 2021 23:42:59 GMT
truncated
/ Frame C979 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdc31fa8d243005d788848ccf39008f58b2158a61c49995bdddf8781fa2a8add

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 5338 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
55667
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 5338 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4996
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 5338 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28494
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 5338 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1635
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 5338 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
406545
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
12816
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5338 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
12669
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5338 		295 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
33610
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Sat, 13 Nov 2021 23:42:59 GMT
truncated
/ Frame 5338 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c22cc7e5602f828754366f31d77b57ef0bdb446cdbb629bbdaf839037b620f4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
container.html
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A121 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 13 Nov 2021 09:03:08 GMT
expires
Sun, 13 Nov 2022 09:03:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
clear
container.html
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 775E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 13 Nov 2021 09:03:08 GMT
expires
Sun, 13 Nov 2022 09:03:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
clear
l
www.google.com/ads/measurement/ Frame C979 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZCjXx-0QWM468L6EmyEBY9damrrOPm1247rOvhxwxv5H6y14s4w48mhfJBXPvCyaBxyepIXVgY3wC588FiJ6awwwi9Q
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C979 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0Cy2TH-PYY2XLK6ZrAS-2KKoDp7Rn6pmi_ms_soO6PiR_JcdEAEg_N_oGWCV4pCCoAegAb-1xrwCyAECqQLXvtnHzYC2PuACAKgDAcgDCKoE-AFP0FdcgztWmUvSE9-naZ6Q7vMqfmq_R7nyl2KY4NFHGU_qxTWQD4sH9-L1fvMbj0Yf12KIAWKx2PNI6yieshAct0t2w9qVoEScWsu3mYcpnrtw_uCOvhBZ5JsSsxOtaLSxqem-qLndcVj6lHUrcfe7piWAFromek02_iwbEGgBExn4rnI0vKM9dKwogoF1qgUufwMlFojZTDosKRLYS3LAxQVjVe6c5ma0C7DWaSdAfBx8fAR7PvnztLF13X3clOHiWEHncVaoaoSIqmS7rTjCM6DK8nUzAl7y2isVTpwIL3xC1RTm79MLUZFia1riDL_Bv63zTNsunsAE1uOC2dQD4AQBkgUECAQYAZIFBAgFGASgBgKAB6nKucMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ1-wb0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTIwNDk5NDgxODAwNzkyNjQYnJMP&sigh=BCJFwA3mDhM&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
5291683277812484828
tpc.googlesyndication.com/simgad/ Frame 5338 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5291683277812484828?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkFs_cP57dFKJ-Syma-NnexMG8BRw
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
335177979af8fa9200779e33f7e8766a0b322a921f0b187fcd615182887694ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:34:35 GMT
x-content-type-options
nosniff
age
95314
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20722
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 23:26:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 06:34:35 GMT
l
www.google.com/ads/measurement/ Frame 5338 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkT0AMY_o_dg0KCd9DIILP_CG-zX6MehANCoDnU6SdOkDjDinlgGWDuaZg9lDQ1waOBEVMCIE_tOD0ahFC0vs0sAJsQA
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5338 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CshDUTH-PYY6XLK6ZrAS-2KKoDtHAqbJmhZLdrsgO-NSJ0oQpEAEg_N_oGWCV4pCCoAegAfGA184CyAEC4AIAqAMByAMIqgT2AU_QKY-0YWucq9dMyzJhZIRyS_vXpBEY18YjfBDM97L1F0WRP1Goj2nscAeSm07Lky6GBQnF-SwthFVTcppmQWksHaC96Czi5rTOSduVeDrKdpRAtcYj5_GneRCupV0KqE-TkUn2QPTUioSpAp_Gskyxw_rAMXWErHh3VWTV5nTzQZB-Wj3poOPSoVr4EqbuPP0eqapG9WRj3TChv32DYxN-oHh3S4pZS5glyehOgB7__ZA6ScitHHL-olx1lLDjRMPkaxQOmJVx5ABg-Gcv8hltnLKEiQFi6dc3gZGRJTuF7iUDxrVmRhYCFwkMtmplBnSjR_rWl8AE66qugdwD4AQBkgUECAQYAZIFBAgFGASgBgKAB_f-qLEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQya8G0ggJCIDhgBAQARgdgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTIwNDk5NDgxODAwNzkyNjQYnJMP&sigh=t5mj2uk0gH8&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5BD5 		624 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 13 Nov 2021 09:03:09 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
clear
ad
googleads.g.doubleclick.net/dbm/ Frame A121 		51 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9631e8f398659e7a69110fd76d5ee0b5ccdd5481c0ba27667c5c901c9cc40173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
clear
content-length
25095
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A121 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0xhldCPmS3r60d4-iz-jwywPum5fT_hrwKYHJ-glwzBkXB0818c0UhAOdZTyLwkj0MEysQnWpe-JIjFvJI7RrMivcqf6hidrGS9WzEt4W9zUqE0Q
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A121 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A121 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 09:03:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A121 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:52:28 GMT
l
www.google.com/ads/measurement/ Frame A121 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkI_XrD-n0CRtsnklbks8bjJjvSzNNtE0WAI0xGP0MRmgjP_aL-DQltf1ToMjVcDdKeWmaoiY3M7ou9ZF21Rv-Waq6pg
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame B9C5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
clear
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2A1A 		491 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWz-Dy39TOt83E9mtb3DrKrfErbIaT-ZDvlLyLmw1q8_TdgqGg49ZP25WWA89bbPiTEm2WSyqYplAwd60OWTMBDSsW5vitWoQOAcAOXmGMy4VCP1-w
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 13 Nov 2021 09:03:09 GMT
server
cafe
cache-control
private
content-length
308
x-xss-protection
0
alt-svc
clear
ad
googleads.g.doubleclick.net/dbm/ Frame 775E 		52 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94410900864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96bbe642198cb06c74d175b6197943f4b1383ccb8df25b9cacc82eaf91ad0f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
clear
content-length
25284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjqTMrutEYVzTwvtUsG8Kz0DMyf8qlepW3hT2lmldJ7YF5CFcn43RYd3pJLHbU2dCE4LPOWI8cBrt28XX-ccn8qY_R3cJgI2riwgNz0NKjaf8Lhx0
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 775E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 775E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 09:03:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 775E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 08:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 08:52:28 GMT
l
www.google.com/ads/measurement/ Frame 775E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaUPLYNIq1QUtNYUe-s9X_1DgMB8vNa6Dz-d7Yd_-QfUsjSMrwcjswXnaFfpOJBCpvC0wGi3PteeZY21hl_Pmpe98aBw
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame C979
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
clear
content-length
0
x-xss-protection
0
12688229624636001290
tpc.googlesyndication.com/simgad/ Frame C979 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12688229624636001290?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4VwJfKKEi_391P2NbiFEdvnhFOg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 04:05:45 GMT
x-content-type-options
nosniff
age
190644
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
46457
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Nov 2022 04:05:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C979 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
12669
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C979 		295 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
33610
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Sat, 13 Nov 2021 23:42:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5338
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
clear
content-length
0
x-xss-protection
0
5291683277812484828
tpc.googlesyndication.com/simgad/ Frame 5338 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5291683277812484828?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkFs_cP57dFKJ-Syma-NnexMG8BRw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
335177979af8fa9200779e33f7e8766a0b322a921f0b187fcd615182887694ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:34:35 GMT
x-content-type-options
nosniff
age
95314
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20722
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 23:26:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 06:34:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5338 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
12669
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5338 		295 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
33610
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Sat, 13 Nov 2021 23:42:59 GMT
rum
dsum-sec.casalemedia.com/ Frame 5BD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 09:03:09 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sat, 13 Nov 2021 09:03:09 GMT
rum
dsum-sec.casalemedia.com/ Frame 5BD5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY9-Td0ZzwXIXUFZtwa-eAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 09:03:09 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONejMVvHs7YFv6uKfXSffI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5BD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAH6JjFXBSLVvIxbdSRLsBQ&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAH6JjFXBSLVvIxbdSRLsBQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:09 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9c64627e-aafb-498f-9809-ec5ec8e55c30
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAH6JjFXBSLVvIxbdSRLsBQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BD5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzM4NjQyOTU2NjkxNDQ3OQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzM4NjQyOTU2NjkxNDQ3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWaUN8Bz43L65GWepOUHMT136Ci3EIdSqpDcHi__EnYk5BzooxLBBrFaoOZyY2yBlcrYfSRbnWhfmMAsLeO7Mw1dSPKOxaxMk68dUEg3PxBu8b9yN4
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:09 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5c83f0ab-e744-4b0a-9ba1-0b277a96fa97
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzM4NjQyOTU2NjkxNDQ3OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame A121 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
9508
x-xss-protection
0
server
cafe
etag
4184452204472697813
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:02:18 GMT
3237826860976746945
s0.2mdn.net/simgad/ Frame A121 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3237826860976746945
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c260640cb7989e0cd963ccc8b4142725c0211945d891e84bca1b545cda9d6c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:54:20 GMT
x-content-type-options
nosniff
age
94129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
60463
x-xss-protection
0
last-modified
Mon, 05 Jul 2021 07:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Nov 2022 06:54:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame A121 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:00:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A121 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqS2U7Bt6MXjVToqLOkDugX9iKj0y_MPt2FSg3oCGvUqvgZohoxKjfezXPMgsPqpR5GuNrvhkc3-tNHvm3ROs3Z8WBm_s5MWhzwOJ5mxNqbJFicMAnNsrnz_Vj98n6UnDlBzoI0prAKvR3GTwoXjibZLfwGQlyQsR7J1Odebm8oIJilGeNVetDMW94JGPxe1Vz_ItgQvI6qcZgyQNthjHGKps3vjGvCto-Eo0HPF1ubidRrvf_wSWfJtJ57VT6PNHxwxkK1QwrPUkGWHqvse2b48PHQfxG3qUQG7fr1pJKIdlZMwsD_FI5fOHLQZZwdm24ynEhmHxA8JMaCXA9L3a7iXkRXfb0Su7mSj693JqCM8KsdwwYuQ3ZeivcrjWqz43yo0yb701UxfwHs56GFG6FwAzYQAYg2jB9qDRfqjfzKbFlKxDj-bv2XskE2H5POmvjUOnQi4nXhK90etOx24gBF5a50YEhWZ2xbIOLNELR746g7LJ2rRyVosIfHnyq9EHwOCA7JfafD07s4RTmfzF19qypU4GwPBJMgy3YjRHQUIRgiUCx4p9wkIhSh-tOy1EVSeaXmYEa2fmNdKVPzJo9_smirlbC5zRVZSXPy4WUw5BGYRV9ph2aPevsIS7nP-eFPbOg1jbE2nezVXFUPFOdGyjfwgV7HY4PxDcgq-9IDLJLCeWgMg7mc_HQbphkn1RGq1T3WOPIDlDL8N24Z90o9grnHwZcILB-g2juEjfKS1ESJxhrpCPoByPL6ASc46rGYXOWsD9t6DGSYH1VmyxiHjX4LrIimvdi_bJuPfhkGZg44HmDL86N7DUrzwMxf187EXgH3VXDGpflu5gdffknm11rh-U_HqOVKShNYUSFNUF4W2BILB7425pJ2bPsZSqTKzUGWGtst0kXIiY7ib38JhCYh0ZCznDFeuafLMLOJbW67nd2dF-3G41_3XsX1MPa5GJu0qmbHfAwPOp7vbDwvKNjU2ng8NQJFiOrjOcNU64A3TtznYj4sLe7U8vWtSf8ztxEVSMsnamf_L6pd6iSJujy7QtNaWcqmo2r6dp9nHb8oQ5Om56fKNwHprVoqlkguBMuy9hrAEjm1lx5tHdCMZU13J4ynSLVrR-LZYjYe4wGXwP3dMq4ohHgm5LmIDuqi35gh5M9_elajvMPTvOjOkG0oyA&sai=AMfl-YSfxJos0-P351_h-55L17DSllXpkOwUKp2Aiey4HSkuQhC-NbcZhmoVbBf0ttDo15ruEJjtAhTNycfppzJBrfj0lupJHot0xcx__WsQ4NbG4R12wsOl1mRVSB_fC20_RTFVJa85ER3hCRWEtSkhuZPTVS-utw&sig=Cg0ArKJSzF8O6ymYd1ZsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.41134&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 13 Nov 2021 09:03:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A121 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141208
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 11 Nov 2022 17:49:41 GMT
sd
us-u.openx.net/w/1.0/ Frame 2A1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1hfMQDBZt9jnveILxGiiw&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1hfMQDBZt9jnveILxGiiw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWz-Dy39TOt83E9mtb3DrKrfErbIaT-ZDvlLyLmw1q8_TdgqGg49ZP25WWA89bbPiTEm2WSyqYplAwd60OWTMBDSsW5vitWoQOAcAOXmGMy4VCP1-w
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1hfMQDBZt9jnveILxGiiw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A1A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmYwYTFhNzItM2EyMi0yZWI0LWQ0NWUtNDVjYTk4ZDU4OTIw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmYwYTFhNzItM2EyMi0yZWI0LWQ0NWUtNDVjYTk4ZDU4OTIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWz-Dy39TOt83E9mtb3DrKrfErbIaT-ZDvlLyLmw1q8_TdgqGg49ZP25WWA89bbPiTEm2WSyqYplAwd60OWTMBDSsW5vitWoQOAcAOXmGMy4VCP1-w
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 09:03:09 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmYwYTFhNzItM2EyMi0yZWI0LWQ0NWUtNDVjYTk4ZDU4OTIw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
v1
ads.yahoo.com/cms/ Frame 2A1A 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNWz-Dy39TOt83E9mtb3DrKrfErbIaT-ZDvlLyLmw1q8_TdgqGg49ZP25WWA89bbPiTEm2WSyqYplAwd60OWTMBDSsW5vitWoQOAcAOXmGMy4VCP1-w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
3237826860976746945
s0.2mdn.net/simgad/ Frame 775E 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3237826860976746945
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c260640cb7989e0cd963ccc8b4142725c0211945d891e84bca1b545cda9d6c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:54:20 GMT
x-content-type-options
nosniff
age
94129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
60463
x-xss-protection
0
last-modified
Mon, 05 Jul 2021 07:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Nov 2022 06:54:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 775E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
9508
x-xss-protection
0
server
cafe
etag
4184452204472697813
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:02:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 775E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 09:00:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 775E 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstts_mnN2xB-t9mSbshoZeDPztVW0upMpgaee--Yqsp7uRX_dTvQMnIhGC4JUYt5LJ-JduJQuwk4yBbifXG5OstTiDp-0oYXZT_VGg2rjGkv8nNodJqlXkRkd4_UajX3dbKONJWefuQMGm8X_ViUpg3UHI_n3pOubP_TAK7wiiq0X0O808KGAXLsTIK4QZiGm7CMn5jauoXWzO8pDa7iIU7Ntp83tJobw25eUHMXQyjvgWZ6dlmE8SvHrqkc1xl4l1QkrBZu466Mv6UzBJgddSbnIJdJm27ogqX0L1oc5WFhiol4ICr_-r7CiF9E6WdVarPj-PPtp--48xZ2FqZX_YXaVtkryiiux9LLI23Y4QiCwy8ROe_DHqxmgeuAJJnbwo4AHtmHUagY2T5AobvU9X7kbiYoVmjnMulnzQy1UheGmtJWyfib3AXnwvBNx53aXfuf_31DPkFvhW0lGOVY9P4El37kf7EHOZCsFZou9RFH_1RxopCY0CGNr2gpp1kxkUunYWVZMKUwlkpsJsDd_MunovEulPLjO0tVwGGLFMhVu2WTC0fUFfnZGmnWL340dzUuCRMFwNf-5W1YTnM5xk-oAhbg7J38PgOV6j8qyCz9JwYGoRYkqbXRIqXNTCafQ8CipHqR8OVjOB4H18PkHe1FjA7ALk8MG4hBwypkGfGfyTzKp73LjYSqXhiv0qPmyyKHa-gvjpL5yuv7qXnjQk3W7CfqyOr2P4pg28eAmyOoBQITYFXPrw0ovysGOJ4iQSNJJm-FmrtNibjtAU_rxnOo5KmxeyDyht-N3HR1BJFtHeuKmzifCtyIkIkOGDGQw1EPdx6GzyIEaQZ-z6LlgFfhq73ruwDghKBQGezxg0FcV6Udwd3ImZ6R1Pb_9phZOMmuc8uoHo8wXRchpdEszO_I91BKsVhmtGnmIXc5MlJb7GSgepXU9B9OpWKui4tfMZtSG-9L8MIm_DIl5Et901q80uohPbt2k9rqUFyJRXLthntLln_5CFsk84kL7vKy111O856Uj9TCR0kvH26dsPkFlYUfB7lK8CnWEgJiERKLNiqyW5jPPdzWkj_fiJNcVJVAKRDde62bFUJlnrlbm592ttJlKozCf8S0OeycI2R0k2mHvlcVkEPosKtClNiqc1qPrKR52InmsCPKhBM2gxdevUYLNQ&sai=AMfl-YTSCQlNG__Bg7hdIUOTP4gqaYH4WdqgXrrj7NMOvygp3hE5M-Fl-ARzFJHtQn2MuBhCxmHC5FWyTkR4s6Inc3-Uo9XRFHyfDCI8S_HwEz9SLGbPHDSOqFkIUTKV9zJXhSUlCbk5Kor8wpeagZxWVZCXdaNxmQ&sig=Cg0ArKJSzCEweQePJR12EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211109.36628&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 13 Nov 2021 09:03:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 775E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141208
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 11 Nov 2022 17:49:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A121 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqS2U7Bt6MXjVToqLOkDugX9iKj0y_MPt2FSg3oCGvUqvgZohoxKjfezXPMgsPqpR5GuNrvhkc3-tNHvm3ROs3Z8WBm_s5MWhzwOJ5mxNqbJFicMAnNsrnz_Vj98n6UnDlBzoI0prAKvR3GTwoXjibZLfwGQlyQsR7J1Odebm8oIJilGeNVetDMW94JGPxe1Vz_ItgQvI6qcZgyQNthjHGKps3vjGvCto-Eo0HPF1ubidRrvf_wSWfJtJ57VT6PNHxwxkK1QwrPUkGWHqvse2b48PHQfxG3qUQG7fr1pJKIdlZMwsD_FI5fOHLQZZwdm24ynEhmHxA8JMaCXA9L3a7iXkRXfb0Su7mSj693JqCM8KsdwwYuQ3ZeivcrjWqz43yo0yb701UxfwHs56GFG6FwAzYQAYg2jB9qDRfqjfzKbFlKxDj-bv2XskE2H5POmvjUOnQi4nXhK90etOx24gBF5a50YEhWZ2xbIOLNELR746g7LJ2rRyVosIfHnyq9EHwOCA7JfafD07s4RTmfzF19qypU4GwPBJMgy3YjRHQUIRgiUCx4p9wkIhSh-tOy1EVSeaXmYEa2fmNdKVPzJo9_smirlbC5zRVZSXPy4WUw5BGYRV9ph2aPevsIS7nP-eFPbOg1jbE2nezVXFUPFOdGyjfwgV7HY4PxDcgq-9IDLJLCeWgMg7mc_HQbphkn1RGq1T3WOPIDlDL8N24Z90o9grnHwZcILB-g2juEjfKS1ESJxhrpCPoByPL6ASc46rGYXOWsD9t6DGSYH1VmyxiHjX4LrIimvdi_bJuPfhkGZg44HmDL86N7DUrzwMxf187EXgH3VXDGpflu5gdffknm11rh-U_HqOVKShNYUSFNUF4W2BILB7425pJ2bPsZSqTKzUGWGtst0kXIiY7ib38JhCYh0ZCznDFeuafLMLOJbW67nd2dF-3G41_3XsX1MPa5GJu0qmbHfAwPOp7vbDwvKNjU2ng8NQJFiOrjOcNU64A3TtznYj4sLe7U8vWtSf8ztxEVSMsnamf_L6pd6iSJujy7QtNaWcqmo2r6dp9nHb8oQ5Om56fKNwHprVoqlkguBMuy9hrAEjm1lx5tHdCMZU13J4ynSLVrR-LZYjYe4wGXwP3dMq4ohHgm5LmIDuqi35gh5M9_elajvMPTvOjOkG0oyA&sai=AMfl-YSfxJos0-P351_h-55L17DSllXpkOwUKp2Aiey4HSkuQhC-NbcZhmoVbBf0ttDo15ruEJjtAhTNycfppzJBrfj0lupJHot0xcx__WsQ4NbG4R12wsOl1mRVSB_fC20_RTFVJa85ER3hCRWEtSkhuZPTVS-utw&sig=Cg0ArKJSzF8O6ymYd1ZsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&vt=11&dtpt=83&dett=2&cstd=0&cisv=r20211109.41134&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLshasXys1041b7zQD3aVvbFtTbVe0QPhCmD-bhOGDQX6idtFGvJG1xg4xjICgXVo6JGR0jOTpf8JKs2pDmpRcMCY44S891lbArEk7yuK42dv5ZENrrB_WmrAMRtcjSk36JNUqMvlkBt0Qnk1N9KntwhQjkg&dbm_d=AKAmf-A0jqcuIWeQ4BiC2Njusx-idfpW3eCMzwV2SA38nrM886QsUFzUNNm_O91WoWO7hCGKFsig-cSdoOjyyArjCm_1_Js3ylCvDsd60yY3-FndmdsV9WRYS0TnL3gQMJu1U4iIuShfxQwteEeqnahri-B3tR9t6peR89aTTHPVDqjQoFUfWSpp8j3LFDvw6y5Su5M3A2omOkdXCytg2E_zhoG1FRj4gXQvMkW3HOHLEQRLxteReIiIa1fh8MJMCdmdEBIWuFEB4Sn6JPBjcpd0GmYGahP0y3KPLYvjqgP4xdJlw5aIoqnzV0SFmZoIL9_V4TgAb_l3mn7zWHwI-NDSHJPEhkkrCnD7XZWPUO5K8jZ96X4c2VLmn2V0hGDvVSuu-yLPmUPMje1IMvyY713sHjIYKb1HNLFaSIslZeYFZFFtghHSFAsSbkNJuZVHabDe1l8cldGrbXxXpKS04J0yP3X2gQEMrOyAF_UMfhgUTayY0IlWwSPja6kxXt8wz_RLHoPrI7j_c7FrIasaMv3Vsd6MuBcSgjjPk9YeIBieektoKPaFDZby5E0fSjvEpidca9nGmvYwt3fzGvkJGeWdFJFvlizGqqQ5tvpSrZH5mws_bwYIhL5Cxu9YusBUw2l9_ZO2JdjwkNmXZDTgpIaYklJrPkcfzIP_UmaQyGpvdir6McR6Bm0IGVC86_3nHm2hV5-mUoXRH2iOrS7VTzy8OIiaqCBexQyO5hYYDE40OBbT7zDNe72jGF7JX_YAWALQzEHizsKClbGdXdYQNs1DIKzf3YvXGB-pLIm2tizd-VVJCW34lU-5BrcAksOJ8uySi6p_NI0qCyOCynKKZr5mUB-YlT1jpf9rYJz23JS9P_dK3LOlQblA2qgv7lloVromAUgCQZoeHcZEXXhWT650lUx9XmRroiBBwFTSmgNvm-HgSPn2dclhQYEpn5fqCRkI-veuy25ThluWmrL1M8smn9GueRJTsIz33gWC1lO0o6QBU0NwLPbtg6nJ82ddZT5wEQZAnJ8VIPPqXA-Px0G4xeXJUSDIYUf_9Ans6b6RlF4_pk5trU6xVxfwLyj788AhFCaMbuIyoZ4wdaqvAQeB8e5RJwmjKRMwj5y-SCuocgdywL4WW-tvN5WWM-r51dOWS8WNYSoJ4KJ7FvBUP6M_YiokHapPer1zMiHk_XacgIUdWijNhlXH33BSqGMlhyTpF6JxCqi2jPauH1Cl9OTRPZGhaoy2PLf5GWgcb1iomeVf8ZdEbbmGz_5p6wvtCbgZnMzm_nU7yH9Wityvraz6ZWvfssRY9tbFiHlvU4naX0HRnQ9wT00IbmgnFF6i8XrRuH0RX5-VnY5W7-ejpljTdvZPT8rYNl8kWr1Af0T3M9zsNDME_KATACgqtyK9YwOjmxpSIf12mGqeIIP9p6sH4B6W_fCytKQRar23VJojBV_XE5uU37I8-70P2wFNj4zowtGeOyeeV0V421APsZPfRqEdNMNottzjvPuQYwsHGdhDXb9_Y8ekNSfV5eK_Dqbkm0WZhM6eTpXYph154cmgBCytjPoEO89-Gn4GPkJrNX1I3eN1cQHJgfYl29v_rq6MG3--pVbmIX7o0raDXksso1wdGE46Ob4iPCs2mXGJWEtVW5EROWjNcGs2mRyIBaz6Zp2KQU8iUTaRLyZV9SD5wE51i6Tf9C0_4dNFFian_LrmU5yiCJzQSwHBtnve-FR8j40RVbxpooIYogK99cIlhl6oWAs8nNFv8Yx8xZjvzEytXv7-lsUiLX7G8419_5TNHZxxGYpkN8SsAxN2Qiw0KOnt8tf-j7UwvgTgKooymRqwfeqwHMYJsxdZDGIaZaVZlHje7mT7Ew5U6jWiBXMFLQouCh1gMpaF3BLC1BySJJF_VZHGmD7A8fEDv0vzfYQz5PyKw96hoH1cns6Gxc9hS9SDmEJn7J3UlI6V9kS-pCiRKvXe3zj4QqHFm0LJl3xFo7re9cJyI6WCbwjSrtKRuMZ4iaBeAHPD5syeDD5dVZbDNxGM1GL8Y-dCvR0tjiUatUSVXpzwY1uU_CqWpExNVWIHiOews0jancuqnJQY4YEivex546c66D3PNZstdDT-ftH-TDPSuSvBQ6T2ihVm0Z_HiILMeO2yqAFprlVbdUyrEzzGLEl7YkeB-qzFU-vD_DM7KKzsQYapOvPGveBl1NsdL1D3_0K7E5Ok2MKnLjFVYhN0iJMEEqKsiNS78zfCufH3ql2CnCrsiT_FmE22dorvjP9QVVrC9hp9vLoRffA4_SEJ0rQu_IEhY3tLNNKfKLfiqY1G0qT46Q1xz9bt_39EbS_OAhw8M4f_VwPxfg2dcDfs38BRrZ6qu1IvRtSoa7Lch7igeVxviFthg7sx62dFj36W1ITHKWhfzJm7NngdASmThzcmb-Sqy8HeWGfAL0mQc3WraunKqMS4dWdP66TJgX7WmkuPT9GqPSrxgDZrRcHIw0HI0nsRttwnst5Mvzvj2oRjFU5k9x3T41Gi6nDr4XV--dUtVvi5lzqdEJPu6T-DbwebG0fiKraQnzFAtzpgNplzwZJ7kPfdD6VceutyWZeJSIphrfsGbuwrLLsUrvglHBTDeR5r0pvYEyNpzEU9FsSgcouPLjN-xMdBfNTAlfPaJ7ktxltCS1SAO4sRySiyFcdM0D1SNnkbi8uEuHEEDwq0I5lWiRrCwm8p6dh8mpw57z_pIMW8Y1T0tpiNS4F5E8gbCjeYlSFuSKy_S9DWcEqrPeSAe3FxV88qSOf_G211UEEEfXC2HCc_WSsamOlxG1b3Uq_AnjlrIXQIddj2bYqsPJXOWA7--O3augAN08NPt9whIwW2KGaEv-6Rf_sFS0Q&cid=CAASEuRol7K3TRMlGUCenXGDYUxj8w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4416 		1 KB
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 12 Nov 2021 13:26:12 GMT
expires
Sat, 13 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
70617
alt-svc
clear
truncated
/ Frame A121 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e7f8cf8c862f8a1c937041c003034ed50a8ccc933e4c4af753115c82f472fdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 775E 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstts_mnN2xB-t9mSbshoZeDPztVW0upMpgaee--Yqsp7uRX_dTvQMnIhGC4JUYt5LJ-JduJQuwk4yBbifXG5OstTiDp-0oYXZT_VGg2rjGkv8nNodJqlXkRkd4_UajX3dbKONJWefuQMGm8X_ViUpg3UHI_n3pOubP_TAK7wiiq0X0O808KGAXLsTIK4QZiGm7CMn5jauoXWzO8pDa7iIU7Ntp83tJobw25eUHMXQyjvgWZ6dlmE8SvHrqkc1xl4l1QkrBZu466Mv6UzBJgddSbnIJdJm27ogqX0L1oc5WFhiol4ICr_-r7CiF9E6WdVarPj-PPtp--48xZ2FqZX_YXaVtkryiiux9LLI23Y4QiCwy8ROe_DHqxmgeuAJJnbwo4AHtmHUagY2T5AobvU9X7kbiYoVmjnMulnzQy1UheGmtJWyfib3AXnwvBNx53aXfuf_31DPkFvhW0lGOVY9P4El37kf7EHOZCsFZou9RFH_1RxopCY0CGNr2gpp1kxkUunYWVZMKUwlkpsJsDd_MunovEulPLjO0tVwGGLFMhVu2WTC0fUFfnZGmnWL340dzUuCRMFwNf-5W1YTnM5xk-oAhbg7J38PgOV6j8qyCz9JwYGoRYkqbXRIqXNTCafQ8CipHqR8OVjOB4H18PkHe1FjA7ALk8MG4hBwypkGfGfyTzKp73LjYSqXhiv0qPmyyKHa-gvjpL5yuv7qXnjQk3W7CfqyOr2P4pg28eAmyOoBQITYFXPrw0ovysGOJ4iQSNJJm-FmrtNibjtAU_rxnOo5KmxeyDyht-N3HR1BJFtHeuKmzifCtyIkIkOGDGQw1EPdx6GzyIEaQZ-z6LlgFfhq73ruwDghKBQGezxg0FcV6Udwd3ImZ6R1Pb_9phZOMmuc8uoHo8wXRchpdEszO_I91BKsVhmtGnmIXc5MlJb7GSgepXU9B9OpWKui4tfMZtSG-9L8MIm_DIl5Et901q80uohPbt2k9rqUFyJRXLthntLln_5CFsk84kL7vKy111O856Uj9TCR0kvH26dsPkFlYUfB7lK8CnWEgJiERKLNiqyW5jPPdzWkj_fiJNcVJVAKRDde62bFUJlnrlbm592ttJlKozCf8S0OeycI2R0k2mHvlcVkEPosKtClNiqc1qPrKR52InmsCPKhBM2gxdevUYLNQ&sai=AMfl-YTSCQlNG__Bg7hdIUOTP4gqaYH4WdqgXrrj7NMOvygp3hE5M-Fl-ARzFJHtQn2MuBhCxmHC5FWyTkR4s6Inc3-Uo9XRFHyfDCI8S_HwEz9SLGbPHDSOqFkIUTKV9zJXhSUlCbk5Kor8wpeagZxWVZCXdaNxmQ&sig=Cg0ArKJSzCEweQePJR12EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&vt=11&dtpt=86&dett=2&cstd=0&cisv=r20211109.36628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bybg6PIeD9LxExd12pLEA7Fr7TjMDw6ee8vqi6PsYScaUDcjjhxjDFll-t12U54E11cTvOAIwF6nLHS-xUeD1liGMgaM6ycuC8EWSC2M6fXrjKb4yqI3Myco65htJqjHJjKTcC4dWyR1wd3fNVogFbo8Xseg&dbm_d=AKAmf-AoyHYiNknWRdio8JXMq6cZFi56ymOfghHnkSLgAcL9cjpgIPstjAuTAWCjROgxjsb2B4Z87g0yuD_xBRNZj9xAaf4I6XCkfl2fd2CT1DJsnLZo4gviecjw62Fivqu2Gx9klhVfSWKnbJlV6jElePpVKWb9sbxFThYy-u0k_cmYxeAmHXCBCUHchp89BqYIhVmClTAnhRNh51zeAuRTZlKgLIpkr1iZsYyBiX6hy7mgc-EIee5PuLtF3vgMME6B-5DODp_hYITz4p1nnGcF1Xl3dEcdlsWpDe-Xs_JuNpMZITAbL8X65Dd7RhKsmqR7NtrmLx-lONx8K01EBgmz_0kolkCoLK1JMpI_l5PTZaSDBRC0VgSZww50Zcsl-QLkPjVhPlkFOWyO-2eUMnnDnWduDezneJkQPzf99aWqbfPQWrU2-xTDnjmjNRqrmRI86ZK5a8ykEXIw-pxyKrXtCqAgAy8MJnirndIl45eSE668C1P8SWe-lDr7Paof2MpIGiQYm_2n0-q1oLWomELhFUdU6Htf98AHJc2vaJuAsRlsW-voqEge9_jia5s6ZWXZEBIxaTYLjlz86RB-Z3QiSJECfXGWxupZHBxhRCxZ7Dlj_qY99eBNlUNDcskHDHQ8J4J22zBE5lb1Ta20iuwqW6XQafHyGMTdQsfvSSRs3tA_JaSn_RuUJMX87Twn6PYJI2g2LZaRvVrzDcGiokCjXsiD6CTpYEIVlbMVjiCS4nUDKBM9r-aLZt9NpVRXpWcP0ZC_HsYF2wbpBMwlO-kyVqsV7j68GGLG-YpwDBA7dF3DyXG5jwLbwJw6BXcpA4syJ5whFcWfUNNyfImO8rkTVtn-3r6_x7NMIX-nZpns6owlyUbzvCREpsI9-h-CFtlh6-33lnrkfUpeUFPgDwYSqbnL_wIkxDqVyHcT86N6RqUtS8AS60Oj3mbLknT3Jb7Sjgm-ip585JGvPExqhLM0Fp-o-kl5_FFCN_Tp6UiMK_m27X9S4f2_Qsqw4DvBQGX_aX4xcToY1riyDyPFOJ_piWPefWUql9f4nvOFditS6EvF5eHrCzTstO1UZorsGFkp03xiF1de73VSY5QwV3HzgjcWMzHaYzRn5Tm5ldzBzauBIjQqpDWHpn1X0dqoDApsszXa8rIAEDzH58kzRj7SlF4K4Pyzi3tE4LycggIP0acEKcaRB4t73RcnOFzC8Q8szFoTTMI9EisOcx0te5nBllorXwYFBTQ1-7INBXZf8SnyDA2KjjDRAoWfeL3yp3dpYFs9VE_HM8LjeMpmFhfjOo92bx1CsanX_PngW7S6FR8yvlkYu43u0S3DVCsEXsVTP5ZnwQdoMcNc84ps0x46dZu5hr-cXWegXCI4ojINb_MlErt0bPOlqXx2oYUxEdWKimp8eTCbiynJeUH8EYoX6-QGesFZgTD1pdkwCjenBKmmKIeeA7BXnlE_us2i6EKrndQusPItJ12tSQ6MKOskRDJMwv2c4t61ka04VH2pdzSzVhgs1quyMwGC-aKIxZGJbLpyzrDgJmeK4IAOFO7fszpkfe2KYG536BL7Fh7vdbcPQIZP-KjUAWa1d978mGXNKAjoY8walVJKEG0c1t-ysL0rU6kHDD-0M7nCRfLvJXJKorehIC5gFwEnUElVgweqi9OPKSRFdSieJfHrGlvkNO7h_lpoX0WCiRoo36UdKjGtUBKd46JeqtbkoTEkAsfZlVAGOCuWjyv7fHXDAJnc0Jb-7A_4pPvkRzuu3r08JAKJ26EEVbFaVO4HG5A6BeoZEhXSIjU-2q8iKRAYhtMkrIlk8MojpSc2gKBdszwH4nL7TOugwI2q721b4WOYpCrAoSQSYuesO5-tzS6GV2p_bmHPQ3yafJN6ACXakgAWipeOGgOIFMxIaNoC_bPKpDd7xSwgz4qg9J5lCDrv9pymgwytS7eMnxlb24GqP8by90-DQRbwx66AbUjYOyfOzU-bobIVZQQ8ozb95mXoW0oTaorpNWDANBZN1thOqjQQr5uZ1ngy1LGpgMeV6izn-9STX7fQKUADEqGChlcBFuCUpQlUmDXam2r4gAzY2tsnOhdZPqILN3V06LEEPOmXsZUxrnvvDO8FIJe8waCxgpdrjfIkOHhz_09exh03cwX6Ve_KZnhsKWeHv32SVQYRWZbV1n582e7DK5mYu-PtNyITjXwbfe-xLW5I9wSnSD3UdOvpIBS1NdstT5elsx64Irz-vVzu6YygRsmPkvDnD7iPDhYnwLJhZjfDI6HB-pODMJ6c5PCXOVkr4JwefAhLN1y2xiZmxdOHvusjBU8gnpSZduWw6gsvibm3B8kU-WWa0SEnowwDr6lnuZG_gYAd00zJraNoXGuFRR0V3FI2BvYA7oICEPIsNJ3ImS6lHhYLqhDqcQj3TCYzhrMn5eaMD9apchg-tKIwX8MB_yH9ZumGc0sfYO7TD7yoB5lVMPMmWkvxug-bXnj45J-R4Prr4LAzm0RAgG-uVzAhYg1MGlnM0zYFDknCNiMeSi-qJb4rq6BmnkykHwCgjvPrVWdnZaoTS8kqBWVATzlhGtSfYkrd0Wu_x60VE5V5JxZrdbK5wDeh3URAHp58t0czcTcPwUHrv8vgsadcoJ36EKVpEMGUtHs1SA5ZxiYkUc-R05b-CUCYI4AQMKVZX5K5AOzuA04FY7Pdk-UHcn-z1e8Nmz8isZ6eOQnTqvamlo3YrUxuC5IHuqtYozcF4r3ljCuji7y4AiPNYI5umqwB31xpUflc8Qw2Op-xFYL0Hq6EbkQoWCdTmxZyoXfTer1EaMnDhj6zUFxB5ooVDNTMW5XyhP5oHjDM4giCOubMcsiJax_3v3Sr9sFb5LM&cid=CAASEuRofzbcE3UcDJDE_cal6weotw&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8EB1 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 12 Nov 2021 13:26:12 GMT
expires
Sat, 13 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
70617
alt-svc
clear
truncated
/ Frame 775E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28826b7eba1f10ce469773acbaded1a894bb85a1aae352038ee1852c6d75b749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3848 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 12 Nov 2021 11:26:52 GMT
expires
Sat, 12 Nov 2022 11:26:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
77777
alt-svc
clear
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C7F6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 12 Nov 2021 11:26:52 GMT
expires
Sat, 12 Nov 2022 11:26:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
77777
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2BB6rFHOjufASaBWcXrDY&google_cver=1&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoOiMi0&google_hm=NDI0NjY4NTQyMzMxNDMzNDk...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoOiMi0&google_hm=NDI0NjY4NTQyMzMxNDMzNDk0Mw%3D%3D
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 09:03:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKJjZ6uwRb6SULA-QCHVg_e8qAQsthwoc-8jnBg0IT-J8b-XJAUSuCq8VHmjnA1hDuxSsyFbA7Tf4Tqwj1x2nYXmoOiMi0&google_hm=NDI0NjY4NTQyMzMxNDMzNDk0Mw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAB-Z-zyUN7nUNySKuprgEw&google_cver=1&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM&google_hm=TDNDhFrTyT4nylPEgS59-g==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM&google_hm=TDNDhFrTyT4nylPEgS59-g==
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJt1RP2DBA6qT7V4K4l31ojBM1vdIzBc8fNIlA2b3kLonurEgaKmRbndd4nqu7csIroEGmLFItlUU5PU8Xl1OOpzpfsmNM&google_hm=TDNDhFrTyT4nylPEgS59-g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
hlp45k3t4020a40nka9lm8fhn9j2bsod
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOn_PdAeATt2si5gf30R0fk&google_cver=1&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOn_PdAeATt2si5gf30R0fk&google_cver=1&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4&google_hm=477fe2f416b75f6b8bfc3abf
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4&google_hm=477fe2f416b75f6b8bfc3abf
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 13 Nov 2021 09:03:10 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKXv-NkLkt9_rcXLrnUXm-LaP26ii9cEPKmj4EvHqIQPUnZ3M4Kyj36-p4vwUkgNwd54XgLK_Ssv8jy_mpnMnXIZzlRUC4&google_hm=477fe2f416b75f6b8bfc3abf
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESENJYeFXUH8obugh9fThWu7c&google_cver=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENIE5AfnB-61dWAKdPRHX_qHpMwCAuzSsFxqThR60xsfH34QRf_l861c1aWLZ0y3UvuswWc
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENI...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENIE5AfnB-61dWAKdPRHX_qHpMwCAuzSsFxqThR60xsfH34QRf_l861c1aWLZ0y3UvuswWc&gdpr=&gdpr_consent=
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKTArdj9QAOMvWCaOhEgLy1ENIE5AfnB-61dWAKdPRHX_qHpMwCAuzSsFxqThR60xsfH34QRf_l861c1aWLZ0y3UvuswWc&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sat, 13 Nov 2021 09:03:09 GMT
sync
ssbsync.smartadserver.com/api/ Frame 4416 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFYlYPnp0O9XiowMAZ11goo&google_cver=1&google_push=AYg5qPLx5LaQThEXYBIe97-GD4EMREOnXeW4egilqQpVBo5vDAEIkQ6rDmE5ByiaUKKdJK4gjKXny4THl-b9zJj30OlaDhPqTjA
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:09 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqr...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqr...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8Q...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqrn0NHHyDll6BZsQ0RHEcLc3Aeme
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPKA2r9XrRsmJrIN_BbDPfcF-nTJfFtzHv9F4phb1mGVyu91Z8i8QmWBVEr6uA7pwC6Oqrn0NHHyDll6BZsQ0RHEcLc3Aeme
date
Sat, 13 Nov 2021 09:03:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4416
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJDYChiT5w7nCZ7iQWYz-nU&google_cver=1&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJbb9CzRCq8eiq899LE2s_lMNU5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2M3NWUwZjUtY2M0YS00MmNhLTljMTktZjgwOGZlYWQ3MzRi&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2M3NWUwZjUtY2M0YS00MmNhLTljMTktZjgwOGZlYWQ3MzRi&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJbb9CzRCq8eiq899LE2s_lMNU55xuhTY8VXlo
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2M3NWUwZjUtY2M0YS00MmNhLTljMTktZjgwOGZlYWQ3MzRi&google_push=AYg5qPLilMjq22FLMJIlMbOEePttr-Obl-TXZfvf0OItnaLYZ-x44THfLTSfq7tJbb9CzRCq8eiq899LE2s_lMNU55xuhTY8VXlo
date
Sat, 13 Nov 2021 09:03:10 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4416 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9DzMRtLjA6A8NCd_uvM2ziEzvT08DKy3FkM-cvv6SAZQvNkHIbeGnUjuDfL-fCTvcuE0DmqU
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:09 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame EB27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuruGh7Sqz7lyHZ0whHy9AjE8iuJlc6R3dahqtvqxS_TaaPASiB-gRDRE0k-AXlyM3XNEzlvnd3TWJFP5LKZ06p_jj4MS4mvZnQH77n4y1EB3Qlverk3Q&sai=AMfl-YQ_TM704EgoN76lflX7uIzqlNoGgLfJU-A52EHzQtL2Q6kWPlHQwxZOnCC_BVq_q1XYWNk2tW24lb9K&sig=Cg0ArKJSzNzai8YpupSIEAE&id=lidar2&mcvt=1001&p=0,0,280,1158&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3145558973&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636794187861&rpt=1008&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFtw-OJaNy5qTiNQYgY6k3o&google_cver=1&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0j...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0jMdzSF8R__6lmFWQ0eaLkPP8o
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0jMdzSF8R__6lmFWQ0eaLkPP8o
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==&google_push=AYg5qPLx2EgOMThcMX3XtxjjXM6ewOjCMz656N6rm79VMHpLL8iEB04uXiqw0jkUIV_qptyvH0jMdzSF8R__6lmFWQ0eaLkPP8o
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJqBlz06v8ObVmtixwJOFwE&google_cver=1&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdm...
0
0
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIfqMNWMVOIK9vlWJ5UuLyc&google_cver=1&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU2NTA0NDE5Nzc0Nzk1NjYwOQ%3D%3D&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PY...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU2NTA0NDE5Nzc0Nzk1NjYwOQ%3D%3D&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU2NTA0NDE5Nzc0Nzk1NjYwOQ%3D%3D&google_push=AYg5qPJMCRTkEhUmGu4KhangAW4cVtuHBRaixoGOEaVgAkvPEqOMWagUr4PYcKMt16pnyOw7WCfE-A4dbDF5nvLwkPP8PVDmFCs
date
Sat, 13 Nov 2021 09:03:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESENJYeFXUH8obugh9fThWu7c&google_cver=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PVA_sTm27Rmk_0G3y5VPDHHkOk9kRnCG0uuI5oXFtzznhH6yt017AXV15s1oBRSNAqNHQ
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PV...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PVA_sTm27Rmk_0G3y5VPDHHkOk9kRnCG0uuI5oXFtzznhH6yt017AXV15s1oBRSNAqNHQ&gdpr=&gdpr_consent=
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&mn_hm=Mjc5Nzk1Nzg5OTUzNzg3MTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKZAqGALtp8HT2dpOpGJEvp6PVA_sTm27Rmk_0G3y5VPDHHkOk9kRnCG0uuI5oXFtzznhH6yt017AXV15s1oBRSNAqNHQ&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sat, 13 Nov 2021 09:03:10 GMT
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfz...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfz...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAwOeNGDAOmhZgaLevpbZrM&google_cver=1&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDy...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NjMxMDA1YS00NDYwLTExZWMtODM5Mi0wMmEwMGViMjgyZDQ%3D&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNb...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NjMxMDA1YS00NDYwLTExZWMtODM5Mi0wMmEwMGViMjgyZDQ%3D&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NjMxMDA1YS00NDYwLTExZWMtODM5Mi0wMmEwMGViMjgyZDQ%3D&google_push=AYg5qPLChu5X9YCWQW8z1vWNqaapbtkKWVQjXeNRneze9NQUslkNDyfzwFn5GcwwNbVoM6DsD-cud7BYed9pYL5KC9uoRh_Rk7KB
date
Sat, 13 Nov 2021 09:03:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljj...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHI-BjqPDogg8mL4EZf9jzA&google_cver=1&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljj...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bO...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljjWpRTE6XQoKJmiHcZ4SFYNxjDJx
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12SlZYWVA5RTJ1SGxHcEkuVWNsUkNtaWttazFteGZmeX5B&google_push=AYg5qPI6uq0Nu9u2mdZ-wxtd2wTZaOxAHgj3VHey3OmS5j7DwIY83W1bObBSkmFqRAsyCmeljjWpRTE6XQoKJmiHcZ4SFYNxjDJx
date
Sat, 13 Nov 2021 09:03:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8EB1
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJDYChiT5w7nCZ7iQWYz-nU&google_cver=1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xAJjFAQLmDes-L2Lwr-PyQ2XxjT...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NDg2NTc2OGQtODI1ZS00MjE1LTkxZWYtNjc5M2Y0NjA0ZmY1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xA...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NDg2NTc2OGQtODI1ZS00MjE1LTkxZWYtNjc5M2Y0NjA0ZmY1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xAJjFAQLmDes-L2Lwr-PyQ2XxjTNBVhGLFZGTy
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NDg2NTc2OGQtODI1ZS00MjE1LTkxZWYtNjc5M2Y0NjA0ZmY1&google_push=AYg5qPKPiU9pYtsr7oR6upeZGcCmX1eEgYZAJTssE5wa-WJ3DIfcEop1h5bkE3xAJjFAQLmDes-L2Lwr-PyQ2XxjTNBVhGLFZGTy
date
Sat, 13 Nov 2021 09:03:10 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8EB1 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKaP_0puu64BS_rppWx_-lU-MOcNFOCwgzs20q4hzBIULi_nUkTT_kf2lWmq7xP9yiRBLlJy40
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:10 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 3848 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame C7F6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 14:09:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3848 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2JXHTX-PYc6EGonE-gaOmYngBQAAAAA4AeAEAg&bg=!k5ClkNTNAAZQLpa_UC47ACkAdvg8Wkotapmzj3Tj5FhruQcQrRFy-DJ-v2G4qIxBkwP53d6QRwlYygIAAACfUgAAAAtoAQcKAFOF-9hrGhWqNeKRyPGg5SGSSDK14GMoN5XSsS6JplJY0hPa6Ip8X7fLESUmfZm1Ju859dDjbvvjOeay5jOMxEYxIGvBgEEAjo9eoxQZRlqFz4jU1JkDH2Tiq-EYSu5MMre1j6X8G1tyd6yEOtEhVSUo1SJYwsPzqKtmlRW-kLuj98zqgU93hqrjHTlIqx7WIyS7scP4XcFBY3fP7VlA98K34FZdeo19Lk3KTEA4WhUSEil6vLLU7Ld7NdaYQzn6ozjpMfyx1DkPlQW5lRiDHFNbn12WYDVpZQFrf55El132XR2MSXdQkr3g644d3e4PFkZIUY_Jo7HolOAsWioziP_dpxhCW2uboyFPABLlij5kIRbpuLf95BwP46pyYJKeoqO0ik9Ecap7KL-5mxgPUPuTg7LSoGURiDMEOBBSvL8AuC1KKDzTogTjWhiPG9mpw04QPX3ZPYn0T9ktKZfNNjQytWSYg79lg9LkHmLvoUDQdJ7LpSORS38T5ddOBnP9pyK6E_KvdgqNLWMQODNOxgZQiWGAhl3KsNRIcLUzjzhg9dJjG_tLzTwtocuvhLUzWeGCZuue9V9vOg1GXATCwZ8TmtwyDmv-3bUcHd-S2rReXmmnxslWxLBCj3S7Ren3ufu3c3WdhcJOvdNFbHsUJViR23bg0biSGP10FkHt3-FFrQg2_0rVMpgEMhh-y3NiJ5nzW_dm5GPaigKYhZ9I4HrOT67izgHirLe_x1MEugTrupjNKVtlV2lx7DRHjTgBknhBwGHigpjgXo_ZvZ7ohywYBp3PbZpsp0UFLjaSU5-RK6INRLme147qO8dFc57I9AJOLU6FL6AuUxnQUBSmMLefsWEMY1-UqWQdYdjBH-_OQZQFIPd-2jekUmS-a8TOL3YV-ek12zmBCwqHFJukNaTcgWMexfZMfyTV8AXeVc_e6QvIyN1Kr2PnChDG3DnQv1jRYdJFcU2wt5eF6ir05CBTGd0-tA4JCALKEEPLSU2_Q2IVRkn_yfu6OYl4quXhiEV3IevJ_LfnRWyz5ePlX7FVbW4vJF0ez0HpoSX0H4iaWvBOKpeS_Wdzzynvup3RinKvC4E4K8g6qC3wbFYrV5o8SkiUq0s51eoGB_sVKcrZQwI9ta6aZbo54optsC1EGKcB0HP5ua4gT8_CpdayG_NMqMtQwaM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7F6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXmXeTX-PYdyeHIyOgQfol7zwCAAAAAA4AeAEAg&bg=!Dg2lDUnNAAZQLpa_UC47ACkAdvg8WoojOU9snfm8_7GOQEm2_m9MjSE3UpPVjRHDKy-5X11ygZN8RAIAAAB-UgAAAApoAQcKAEepbwCNxTbjCkJr2U63MpB4q-76R6yZ4XCc3hOpN5znhQiLXwVFGDE7lV6cnulgM0kDCF1hDEblYrqXZ3oIsPDUXRe4jovMhpkDEzzcCRUp-INDlP0ROJ0m0w-PU6S43NYqBt2mBsVESpmWQuyeOaRGOTRX7zzjYRyAs63X92fQtZJTXwhYkQisyoW3Exdq7dk6OWPwWfHH1gMfRDfGS-OLkBn8uUCiIzTGbGOhvMIYbhud9dUISlbzRBB16aMjINs8UPbKErf3O27FBfnFXXpe2IS-n9Elzzv-R_BcK8QhDSMlZEDB33k6_mwIhTswGPRitcw8m-mNWXv_FOBhu3PrlJSEIuUrd-3AyskjyZnSYIGYiQkjiRMdgP8yMMlZ71yAkJe9y8mIkHxjnvnfODXZaRRvAt9_I45x8SYIDze2VXw8UziDaeohktFPr5rSEtNP9ubp1pjobm1ck4tcYrzag9yUd-FrqHxk231ZuF0BkgNp1450zlWVbmw_KJQPuZCTErmxHa1eT8vXBNA4oBtoGz2S2OIV7Fn9UVFY-2kf84pQvZRrmGo7CvgYWWml7CaiVe3ItIA3ZybQLrLSvilCI1WopSe29BJCZipOx6vblx6OewkVs99jYxdNq1NJIzyrEAb1lhz7vFHtOZur9D79k23UdI4WrZuS8tq-gfOGOWmTDDomzhOGndHCM67RfAlO6QNcvQnZO9JYbVScoeT9-PxVPFMrNb6SehuE2KFqCng4crfzMVepoMD10XrAlw4uace9iSjJ24czpDd8OGjr6MbU_xBnNYEVyvjcYoQNnD42gp_AqxidXHZqjGQ2wJ2WISBV9MKvl-PTP2z28dvHvohMEiXr1WuuXKnQsRay0o-OOJIi2VE71qMrthIXLFQzgMJ9NDo16Vhzx0vE3gM2uSLBeq038SUlzSEgnMg6C6l1Sda0qJqy1QO0IzIGtLNBO3iKtw4giEQpNHjk60yhwQenLiAAuq78nt6-aBxKGQmfz65bu2QdvIq0VhPS7JN9eYvZB84AGJTWdhg48Jk77pD0d2nGszKxbwrOMRA2rb7ZiBj2d7yv9KCmMzeMvZE3NUlekSp6VfDtJpBI4HbkMyhucN3BodBQ045dx_VWMge_gKfYUQetm7JfJ8c
Requested by
Host: fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
URL: https://fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C979 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva5-bj71FYJDttLaGB2PxVChCYNgjxrWo2iqo5MWSDg9jwCUBv5Yct6rnQoymnpn9wYmypLG1KrhU1C3OYyfKvPP0w_HNEJcnRRqdOxxk67D3WdbWn0A&sai=AMfl-YSU4IbgTHm0DFuvZr_HKuI5Wi-wtAjwe_gdDA1Ol7N9smoVsvDFNmSzIcSpjzKrdDKKwVGazDZrOqoAQzNxNYfxq1N4G6he9sElaEDPX5c8-tZeKsYM2YqIs5Ww&sig=Cg0ArKJSzAQtYB5WUlixEAE&cid=CAASF-RoFqQ_dWWhKqrLThRDBsfAig6T66WG&id=ampim&o=1073,453&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=171&tls=1171&g=100&h=100&tt=1171&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1436553605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5338 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLA0sOP4_8_-HmLxzS14KdSDeEC-rwxPeqTWD6XuPWfkouk0wcE9jpMOjGoN0gB1YekFbvSf1NzJ3BA-eBiGOAUN2wTGkX8lmmdGSeUdi0dKkQU_2R4OteTTa394dvhJQhokLVIPvgXsxs&sai=AMfl-YRLaXH-uh6TzbSW8PK4n9hMat-eXtdFWDYWEqphhG0nzukSzOoBP_ML6VqucUpPnzF2fh-3XTe044ojmUMY1e6K_OfXUw2cE_AveSB5zdBQPQkJIZz0fwwcz7iq&sig=Cg0ArKJSzC2D0jCJQzHJEAE&cid=CAASF-Roym4KKCR8lY24vHZIcNSsd-OAS5Xs&id=ampim&o=242,522&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=166&tls=1166&g=100&h=100&tt=1166&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1058625133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:10 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 03:25:58 GMT
server
nginx
etag
W/"6178c6c6-14b2b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 14 Nov 2021 09:03:10 GMT
syncframe
gum.criteo.com/ Frame 722A 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1809
date
Sat, 13 Nov 2021 09:03:10 GMT
content-length
4683
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:10 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 03:25:58 GMT
server
nginx
etag
W/"6178c6c6-14b2b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 14 Nov 2021 09:03:10 GMT
sid
mug.criteo.com/ Frame 722A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=uQqMx3xSR3JnWjlrb2tKemF2QXhPcEd2WldLK3lXSkIreHpydHdScWlBbWJ5dTY0UG9yTkhjSmMwY0ZmQzdOYUN5dS9zOHFGWi92bFpFdG5tWTFTU2d6VWlvTEpOTUZWaGk0cWhmSUF4bG5DSTR6SU00TDlNZUFLZEszcH...
433 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uQqMx3xSR3JnWjlrb2tKemF2QXhPcEd2WldLK3lXSkIreHpydHdScWlBbWJ5dTY0UG9yTkhjSmMwY0ZmQzdOYUN5dS9zOHFGWi92bFpFdG5tWTFTU2d6VWlvTEpOTUZWaGk0cWhmSUF4bG5DSTR6SU00TDlNZUFLZEszcHpCampUS0R6bHU4TzZ4SnYzT0FzNitkZW9UakRYTWV2a0wrK2VaR0Z0RGdWTUdrTHRPN3ZPVDNibCtLT2RlUkJsMmlFbU9CWkRNM1EvZ3VidjBvaFZVUU9DdFc0MVZuV2o0bFE3cU5oZHE2Q3QxTEpWeURuSkpBUnMyVERZSmZqeGhOR2Y4L1FyUktxeHMyaFE0Q2R5SXVHWjRaZFJaUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9f793f9c533b96d66551987dc145b002eab2324d790181991017b4de9bdca06f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 13 Nov 2021 09:03:10 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2158
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 13 Nov 2021 09:03:10 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=uQqMx3xSR3JnWjlrb2tKemF2QXhPcEd2WldLK3lXSkIreHpydHdScWlBbWJ5dTY0UG9yTkhjSmMwY0ZmQzdOYUN5dS9zOHFGWi92bFpFdG5tWTFTU2d6VWlvTEpOTUZWaGk0cWhmSUF4bG5DSTR6SU00TDlNZUFLZEszcHpCampUS0R6bHU4TzZ4SnYzT0FzNitkZW9UakRYTWV2a0wrK2VaR0Z0RGdWTUdrTHRPN3ZPVDNibCtLT2RlUkJsMmlFbU9CWkRNM1EvZ3VidjBvaFZVUU9DdFc0MVZuV2o0bFE3cU5oZHE2Q3QxTEpWeURuSkpBUnMyVERZSmZqeGhOR2Y4L1FyUktxeHMyaFE0Q2R5SXVHWjRaZFJaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1917
content-length
541
expires
0
/
onetag-sys.com/usync/ Frame 1DB8 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1636794188316
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
iframe
mantodea.mantisadnetwork.com/prebid/ Frame CF19 		248 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
bddf9a49f9afb0f4a339218b1657293607415b2ed5dfe21631e6129cba01a01f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
text/html; charset=utf-8
content-length
248
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"f8-Wc20kjmAqmRlXyLa3kaREeY9+ek"
sync.html
public.servenobid.com/ Frame 412F 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Mon, 08 Nov 2021 19:40:02 GMT
accept-ranges
bytes
etag
"1484c6be7981ef2d93457ae1b8222f04"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
XJpVPu2BXSnU5zVByYTviEMn6sLZffgbZzlV3WB0OjHU6nX8XKj/Y1MwMMdlVT7rlaf3Tx54t3I=
x-amz-request-id
548FCWFADJF5CKQT
x-amz-meta-codebuild-content-sha256
62eaff6ee8ff549c0050f611ee47c040b5383016dfbf921a2d194f6354569f2b
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:d8405d4a-5b5c-467c-aa1e-ad154dcb077c
x-amz-meta-codebuild-content-md5
81217ffa8e68730be30130a20e0871d1
x-azure-ref-originshield
0wGSPYQAAAADL74SMDKv4SIK632rf1aAGQU1TMDRFREdFMTkxOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0T3+PYQAAAAB12TkRUvyrTJTgku1SZ5NzRlJBRURHRTEwMjAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Sat, 13 Nov 2021 09:03:11 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B88C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 11 Nov 2021 09:27:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 13 Nov 2021 09:03:11 GMT
Age
84964
X-Served-By
cache-lga21968-LGA, cache-hhn4034-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 1149102
X-Timer
S1636794192.673008,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 25A9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1636794000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Nov 2021 09:03:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
usync.js
eus.rubiconproject.com/ Frame 25A9 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46026
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Sat, 13 Nov 2021 21:50:17 GMT
async_usersync
ib.adnxs.com/ Frame B88C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:11 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0eedb12f-30e6-4937-be46-7d9bedfbecdb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame CF19 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=6115725d81c45d000f945f3e&s=filecr.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 00:53:27 GMT
server
cloudflare
age
6576
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ad6d352ec79d20c-MAN
content-length
1168
expires
Sat, 13 Nov 2021 11:03:11 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame CF19
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=b31c5af8-31f4-4ee1-9634-cd3440c83aae
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=b31c5af8-31f4-4ee1-9634-cd3440c83aae
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Protocol
H2
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=b31c5af8-31f4-4ee1-9634-cd3440c83aae
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
13926
g2.gumgum.com/usync/ Frame 8785 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af50bdcb148586cf29fbdb3fe5f692fd93fc082cd2a653c8c460215099a97d0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"0678ff4308be6b5edceef5364ca81fc95"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 28D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Sat, 13 Nov 2021 09:03:11 GMT
/
onetag-sys.com/usync/ Frame 6F53 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 1FA1 		697 B
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cf1bbfa93b0e7ece13a529aeb2229edd08189dec75c1359169531bea128178ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
text/html
content-length
697
usermatch
ssum-sec.casalemedia.com/ Frame BA9C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d38d23b5d54b52249c86f491301040403c1229bbb5d26b5ebc079c5a971161c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|73|221|152|206|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1584
Expires
Sat, 13 Nov 2021 09:03:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:11 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5663386429566914479
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5663386429566914479
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:11 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
65dea7f5-589b-4cf5-9fe9-7a47172ded26
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=5663386429566914479
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=477fe2f416b75f6b8bfc3abf
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=477fe2f416b75f6b8bfc3abf
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=477fe2f416b75f6b8bfc3abf
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2734587355
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2734587355
  • https://sync.1rx.io/usersync/tradedesk/9345ccf1-f80e-4fe8-925d-588556ac0b17
  • https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
date
Sat, 13 Nov 2021 09:03:11 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0f403208b8e546bf93ab0ed7f5265cbd003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 412F 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.13.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-13-13.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5131077719707519648
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5131077719707519648
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5131077719707519648
Date
Sat, 13 Nov 2021 09:03:11 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 412F 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=76c38c41-7627-4ab0-8b36-fa447fb60bbb&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=76c38c41-7627-4ab0-8b36-fa447fb60bbb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=76c38c41-7627-4ab0-8b36-fa447fb60bbb&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 13 Nov 2021 09:03:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 412F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D
  • https://sync.aralego.com/idSync?ucf_nid=par-627D96DE43D94E241EAD99688E72B636&ucf_user_id=b84945613eaa2d4a&redirect=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fuid%3DUCFUID%26vendor%3D60114
  • https://t.adx.opera.com/sync?uid=UCFUID&vendor=60114
  • https://ups.analytics.yahoo.com/ups/58484/occ
  • https://t.adx.opera.com/sync?vendor=60112&uid=y-uHyfJqZE2uFhuae84.6VQ8cSHj_s1JlDaA6DCKA-~A
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID
  • https://t.adx.opera.com/sync?vendor=60124&uid=2565044197747956609
  • https://ads.servenobid.com/sync?operaUid=aaed1e65ada645c6873ab4336b6722ff&pid=335&uid=
0
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?operaUid=aaed1e65ada645c6873ab4336b6722ff&pid=335&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:13 GMT
server
Tengine
access-control-allow-origin
*
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
location
https://ads.servenobid.com/sync?operaUid=aaed1e65ada645c6873ab4336b6722ff&pid=335&uid=
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
117
expires
Mon, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 25A9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 25A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYS1pZTVgtMTEtSU1HVg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 25A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxMzc5YTlmNWU2N2VkYTJjMGNiM2VkOGU4NjJmNWI5MzU5ZmE1OA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxMzc5YTlmNWU2N2VkYTJjMGNiM2VkOGU4NjJmNWI5MzU5ZmE1OA
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxMzc5YTlmNWU2N2VkYTJjMGNiM2VkOGU4NjJmNWI5MzU5ZmE1OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 25A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YNMUECnRTkiVxmu6GUYmW8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7772786691144388439
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7772786691144388439
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Sat, 13 Nov 2021 09:03:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7772786691144388439
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 25A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 25A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=441d618f-7f4f-4f00-82c3-bdfd40527d67
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=441d618f-7f4f-4f00-82c3-bdfd40527d67
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=441d618f-7f4f-4f00-82c3-bdfd40527d67
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 09:03:10 GMT
tap.php
pixel.rubiconproject.com/ Frame 25A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YY9-TwAEMYX3HgAz
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9-TwAEMYX3HgAz&_test=YY9-TwAEMYX3HgAz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9-TwAEMYX3HgAz&_test=YY9-TwAEMYX3HgAz
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636794192.952918,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9-TwAEMYX3HgAz&_test=YY9-TwAEMYX3HgAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 25A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG530ORnro6lwMDT7KdgA-4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG530ORnro6lwMDT7KdgA-4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG530ORnro6lwMDT7KdgA-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1FA1 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7138265272887959340&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
1.gif
id5-sync.com/c/102/0/9/ Frame 1FA1
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 09:03:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
Date
Sat, 13 Nov 2021 09:03:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 1FA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b31c5af8-31f4-4ee1-9634-cd3440c83aae&gdpr=1&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b31c5af8-31f4-4ee1-9634-cd3440c83aae&gdpr=1&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b31c5af8-31f4-4ee1-9634-cd3440c83aae&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
/
s.ad.smaato.net/c/ Frame 1FA1 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
mYHfMpiGPpxlXAnTjJMVjrxZDVvi4hkgjpRWFfw2Wi9u9DUoaUbNJQ==
x-cache
FunctionGeneratedResponse from cloudfront
/
rtb-csync.smartadserver.com/redir/ Frame 1FA1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5d77618f-7f4f-4300-940a-92766e5e65cf&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5d77618f-7f4f-4300-940a-92766e5e65cf&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5d77618f-7f4f-4300-940a-92766e5e65cf&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 09:03:10 GMT
flimpobj.js
pixel.yabidos.com/ Frame CF19 		30 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1636794191854&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=1lk1ro2ou9k5&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=6115725d81c45d000f945f3e&s=filecr.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb10332dc621b9541b8f55eef009449040fc8f309565dad896bbaec1ad981a77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 00:53:27 GMT
server
cloudflare
age
6634
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ad6d3532ca8d20c-MAN
content-length
24066
expires
Sat, 13 Nov 2021 11:03:11 GMT
dcm
s.amazon-adsystem.com/ Frame BA9C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BJJ50BFPCYWB3DQ66MG2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TQAPE42S4HZ08XPHTAKX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BA9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBd0SYtpBLN3I_8BwdRTYhQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBd0SYtpBLN3I_8BwdRTYhQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 13 Nov 2021 09:03:11 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBd0SYtpBLN3I_8BwdRTYhQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BA9C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BA9C 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame BA9C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1
49 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.165
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9-Td0ZzwXIXUFZtwa-eAAA%261141?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.18.137
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame BA9C
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29d7bb3b-6bd4-4bc6-bf71-5269efe1a2fe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29d7bb3b-6bd4-4bc6-bf71-5269efe1a2fe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 09:03:12 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29d7bb3b-6bd4-4bc6-bf71-5269efe1a2fe
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame BA9C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame BA9C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639386191
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639386191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 09:03:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639386191
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ads.servenobid.com/ Frame BA9C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=5663386429566914479
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=5663386429566914479
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:11 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
159e2fe7-b592-4237-89fd-520fd88219af
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=5663386429566914479
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=4n4EkeMpCJH5KQ7B7X4RkeR5WMP5el2W53wMse3Q
  • https://rtb.gumgum.com/usersync?b=bsw&i=72a3fc23-db77-41cc-8e33-775ce3e9e5e1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=72a3fc23-db77-41cc-8e33-775ce3e9e5e1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=72a3fc23-db77-41cc-8e33-775ce3e9e5e1
Date
Sat, 13 Nov 2021 09:03:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d06f88d2-c273-463d-636f-dba9f0bb8d5e$ip$185.232.23.178
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-d06f88d2-c273-463d-636f-dba9f0bb8d5e$ip$185.232.23.178
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-d06f88d2-c273-463d-636f-dba9f0bb8d5e$ip$185.232.23.178
Date
Sat, 13 Nov 2021 09:03:12 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_53791d02-10f8-439f-8726-43427f850b3b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=KZqMKWWnQdlSWO-LvjAX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S22OFGUWV2XNZIWI3CTK5HS2TDWNJAVQJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KZqMKWWnQdlSWO-LvjAX&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KZqMKWWnQdlSWO-LvjAX&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KZqMKWWnQdlSWO-LvjAX&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
sync.targeting.unrulymedia.com/csync/ Frame 8785
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7077743617
  • https://sync.1rx.io/usersync/tradedesk/b31c5af8-31f4-4ee1-9634-cd3440c83aae
  • https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=1G9QD6kTatp7&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=1G9QD6kTatp7&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=1G9QD6kTatp7&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-l68px
expires
-1
/
temp.com/ Frame 8785
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28PVHkCmygPC9R4IpL-yKf__4AfC1x3Hu535gOIq2Mb6lNLScT7x4t7gnL4eGKNlyT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_53791d02-10f8-439f-8726-43427f850b3b&obuid=ENC(PVHkCmygPC9R4IpL-yKf__4AfC1x3Hu535gOIq2Mb6lNLScT7x4t7gnL4eGKNlyT)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://temp.com/
0
0
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=64586dc8-db40-4846-a6c5-0f9e9a674606
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=64586dc8-db40-4846-a6c5-0f9e9a674606
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=64586dc8-db40-4846-a6c5-0f9e9a674606
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-ZIbHRaNE2pdwPJKrhp0w_iXQ12JgCKFsUKPc~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-ZIbHRaNE2pdwPJKrhp0w_iXQ12JgCKFsUKPc~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 13 Nov 2021 09:03:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-ZIbHRaNE2pdwPJKrhp0w_iXQ12JgCKFsUKPc~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=8780639a-4460-11ec-9c5d-b79aa551c8c8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=8780639a-4460-11ec-9c5d-b79aa551c8c8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=8780639a-4460-11ec-9c5d-b79aa551c8c8
Date
Sat, 13 Nov 2021 09:03:11 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8780639b-4460-11ec-9c5d-b79aa551c8c8
services
sync.technoratimedia.com/ Frame 8785 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
185043599
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 8785 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 8785
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=edcd954d-63d9-4fef-8bb7-e9bf2847e45d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=edcd954d-63d9-4fef-8bb7-e9bf2847e45d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=edcd954d-63d9-4fef-8bb7-e9bf2847e45d
date
Sat, 13 Nov 2021 09:03:12 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 8785 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-length
0
sync
ads.servenobid.com/ Frame 8785 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_53791d02-10f8-439f-8726-43427f850b3b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 742C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50710
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 09:03:12 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 19FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=b31c5af8-31f4-4ee1-9634-cd3440c83aae&t=1639386191
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=b31c5af8-31f4-4ee1-9634-cd3440c83aae&t=1639386191
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=b31c5af8-31f4-4ee1-9634-cd3440c83aae&t=1639386191
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame C875
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Nov 2021 09:03:11 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Sat, 13 Nov 2021 09:03:11 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame A937
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=441d618f-7f4f-4f00-82c3-bdfd40527d67&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=441d618f-7f4f-4f00-82c3-bdfd40527d67&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master cdg-pixel-x8 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=441d618f-7f4f-4f00-82c3-bdfd40527d67&gdpr=0&gdpr_consent=
Expires
Sat, 13 Nov 2021 09:03:10 GMT
usersync
rtb.gumgum.com/ Frame 767B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
  • https://rtb.gumgum.com/usersync?b=atm&i=YY9-TwAEM0L3_gAz&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YY9-TwAEM0L3_gAz&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YY9-TwAEM0L3_gAz&gdpr=0&gdpr_consent=&_test=YY9-TwAEM0L3_gAz
accept-ranges
bytes
date
Sat, 13 Nov 2021 09:03:11 GMT
via
1.1 varnish
x-served-by
cache-hhn4073-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1636794192.996256,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame EC7B 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Mzc5MWQwMi0xMGY4LTQzOWYtODcyNi00MzQyN2Y4NTBiM2I=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Sat, 13 Nov 2021 09:03:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame 9557 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Sat, 13 Nov 2021 09:03:12 GMT
um
cs.emxdgt.com/ Frame 6645 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Sat, 13 Nov 2021 09:03:11 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 00A3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YY9-UMCo8XoAADpgcewAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YY9-UMCo8XoAADpgcewAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sat, 13 Nov 2021 09:03:12 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YY9-UMCo8XoAADpgcewAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
5
X-SO-HostName
m-ad211.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":54,"gdpr":true,"ipv4":"0.0.0.0","key":"YY9-UMCo8XoAADpgcewAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad211"}
X-SO-Key
YY9-UMCo8XoAADpgcewAAAAA
X-SO-IP
185.232.23.178
X-SO-Cluster-ID
54
X-SO-Upstream-ID
m-ad211
usersync
rtb.gumgum.com/ Frame 5174
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5131077719707519648
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5131077719707519648
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=5131077719707519648
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 2525
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=4ljPKN0glWIsAQQHG5nH&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=4ljPKN0glWIsAQQHG5nH&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Sat, 13 Nov 2021 09:03:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 13 Nov 2021 09:03:11 GMT Sat, 13 Nov 2021 09:03:11 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=4ljPKN0glWIsAQQHG5nH&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
vbl.gif
pre.glotgrx.com/ Frame CF19 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1636794191922&rnd=1lk1ro2ou9k5&ifm=1&uai=1&cid=1041&s=filecr.com&p=6115725d81c45d000f945f3e&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.63.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 00:53:19 GMT
server
cloudflare
age
5764
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ad6d353fab33ac3-CDG
content-length
26
expires
Sat, 13 Nov 2021 11:03:11 GMT
nflrc.gif
pre.glotgrx.com/ Frame CF19 		26 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1636794191910164&ver=1.2r81&qid=83233313f553333313f513430313&p=6115725d81c45d000f945f3e&s=filecr.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=1lk1ro2ou9k5&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=6186b3cbdf03a5e3c1f89746d34b8020&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=23&icp=https%253A//filecr.com/&irfl=23&irf=https%253A//filecr.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-24-s-fl-10-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.6_undefined_null_0_undefined_false&fli=&flerr=0&trim=&fio=20
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1636794188613&secure=true&version=9&uuid=001fa0d0-e2ad-4763-8fcb-8daf718ea649&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94410900864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.63.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 00:53:19 GMT
server
cloudflare
age
5264
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ad6d353fab53ac3-CDG
content-length
26
expires
Sat, 13 Nov 2021 11:03:12 GMT
usync.js
eus.rubiconproject.com/ Frame C875 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 09:03:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46026
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Sat, 13 Nov 2021 21:50:17 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame C875 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 742C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47805745&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:03:12 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame B88C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 09:03:12 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1862a06e-3596-4280-a4a5-5435014c4030
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
admin-ajax.php
filecr.com/wp-admin/ 		15 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-admin/admin-ajax.php
Requested by
Host: filecr.com
URL: https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::ac43:8ae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25, PleskLin
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://filecr.com/en/?id=94410900864
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 09:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.25, PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZifBcOjAClD1qsyF4Xysz9%2FI5xh4NobWrmdGVQR7ULJ77%2F2NaQiTcHnFwqra8O0ajEDwTY30WSVbp%2BPMgbls%2B4WckDc3BQsEjM%2FK1fF%2FK%2FZNUJhSpPijnrSoarAQYCOTCgD7%2BJ%2Bolus"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad6d35fd8535a25-MXP
expires
Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3
Domain
temp.com
URL
https://temp.com/

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| cppVars undefined| $ function| jQuery object| advads_options object| advads number| advadsCfpExpHours number| advadsCfpClickLimit number| advadsCfpBan string| advadsCfpPath string| advadsCfpDomain object| advadsCfpQueue function| advadsCfpAd object| _mNHandle string| medianet_versionId string| medianet_chnm object| medianet_misc function| gtag object| dataLayer object| adsbygoogle function| advanced_ads_check_adblocker object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| __SVG_SPRITE__ object| ratingPlugin object| Confirm object| notification object| ShPublic function| updateQueryStringParameter function| setCookie function| onlyUnique object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| wp object| advads_has_ads object| BTHwMGIKuUfk_FW54e function| _0xe61c object| twemoji object| advadsProCfp object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| bsagpt object| bsaheaderbid object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| google_tag_data string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| _mN object| _mNSrv function| setup string| _mN_Idf undefined| _mN_ctr string| _mN_ctrM object| mnjs object| hbCMBidxc function| _cR function| _cD object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| Criteo object| google_llp object| sas object| apntag object| _ADAGIO string| mantis_uuid object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_js_items object| GoogleGcLKhOms object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_115 object| Criteo_prebid_115

85 Cookies

Domain/Path Name / Value
filecr.com/ Name: PHPSESSID
Value: nb5dbj412gbnf8lkrl103dk32t
filecr.com/ Name: advanced_ads_browser_width
Value: 1600
.filecr.com/ Name: _ga
Value: GA1.2.1400227792.1636794188
.filecr.com/ Name: _gid
Value: GA1.2.363967678.1636794188
.filecr.com/ Name: _gat_gtag_UA_139662474_1
Value: 1
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: khaos
Value: KVXKZYMX-11-IMGV
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2oagcbnHUZ4dproiWwdM6Zsj4aADY2PVL24WPzaViPwW+OYueNNI4oANnOER36PY/ggJ3pD4CYm1IAbBVu7i8M0A+VO7RH1E0=
.doubleclick.net/ Name: IDE
Value: AHWqTUmDGuQ-SrRnsbnffTkce8ax7oDSjGDAKH9gX4svKSbdm0tS9Wkqry7aCqCP9zI
.doubleclick.net/ Name: DSID
Value: NO_DATA
.filecr.com/ Name: __gads
Value: ID=fc87a1460e26a851:T=1636794187:S=ALNI_MYl-UVLJDQhHMg0Yds6cYWf0F_Rrw
.adnxs.com/ Name: uuid2
Value: 5663386429566914479
.openx.net/ Name: i
Value: 40c9f6e1-5ad2-4fe7-9b68-d79b361074bd|1636794189
.casalemedia.com/ Name: CMPS
Value: 5205
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C'$s-d/Z!]tbPl1M>e)ZlrFUfJ+tGXxp:PVH83BH/v_>O]$y:<hexSEI/`X^X94L`JFo*bpRz*qF1`*b`Wz*?c'S
.casalemedia.com/ Name: CMID
Value: YY9-Td0ZzwXIXUFZtwa-eAAA
.casalemedia.com/ Name: CMPRO
Value: 1141
.media.net/ Name: visitor-id
Value: 2797957899537871000V10
.media.net/ Name: data-g
Value: CAESENJYeFXUH8obugh9fThWu7c~~3
.sharethrough.com/ Name: stx_user_id
Value: 4865768d-825e-4215-91ef-6793f4604ff5
.3lift.com/ Name: tluid
Value: 2565044197747956609
.advertising.com/ Name: APID
Value: UP8631005a-4460-11ec-8392-02a00eb282d4
.yahoo.com/ Name: APID
Value: UP8631005a-4460-11ec-8392-02a00eb282d4
.yahoo.com/ Name: APIDTS
Value: 1636794190
.lijit.com/ Name: ljt_reader
Value: 477fe2f416b75f6b8bfc3abf
.yahoo.com/ Name: A3
Value: d=AQABBE5_j2ECEDlxOIPmyz6Z8jmS8_FWhvsFEgEBAQHQkGGZYQAAAAAA_eMAAA&S=AQAAAgcwbAmpwUfdyNd9qAcquHw
.criteo.com/ Name: uid
Value: 3de8503e-5bb1-4706-ba0e-587607f78107
.filecr.com/ Name: cto_bundle
Value: H7qmx19wclN0VnRaSHpVOSUyQm5VJTJCQmYyM2RpVHU1JTJGM2pRcjk0YWlyYlF5WEo4WnZzSEZVM2R0c1pTYjh4RG9pRXJNa3h6a0tVT2hiYTNCZWkybjhoVDFBZE1VYldNN0JnQ3haY2F6RkUwQXhKTzJVNG4yRzR6cTVtR3M0YiUyQmNvYmdjamU1dGxuYU5OT2VaZ202Z1dKVng4bHNsQSUzRCUzRA
.smartadserver.com/ Name: pid
Value: 7138265272887959340
.servenobid.com/ Name: pid_312
Value: 5663386429566914479
.servenobid.com/ Name: pid_317
Value: 7138265272887959340
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: faa68c17-3f91-483a-80b5-4be8fe7834d1#1636794184301#1
.id5-sync.com/ Name: callback
Value:
.gumgum.com/ Name: vst
Value: e_53791d02-10f8-439f-8726-43427f850b3b
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3tDQ3MDc1tDQzsRDiM9Q18qyqKvQ0LbE0MqiQ4jU0MzYztzQxtDS0MDcEALrU8xc0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3tDQ3MDc1tDQzsRDiM9Q18qyqKvQ0LbE0MqgAAOuKdrAlAAAA
.mathtag.com/ Name: uuid
Value: 441d618f-7f4f-4f00-82c3-bdfd40527d67
.servenobid.com/ Name: pid_333
Value: YY9_Td0ZzwXIXUFZtwa_eAAABHUAAAAB
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003%22%7D
.servenobid.com/ Name: pid_324
Value: 5131077719707519648
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslxmtoZmxmbmliaGloaWB6ShyJb2FuCAA9lsBFIAAAAA
.servenobid.com/ Name: pid_309
Value: e_53791d02-10f8-439f-8726-43427f850b3b
.adsrvr.org/ Name: TDID
Value: b31c5af8-31f4-4ee1-9634-cd3440c83aae
.bidswitch.net/ Name: tuuid
Value: 72a3fc23-db77-41cc-8e33-775ce3e9e5e1
.bidswitch.net/ Name: c
Value: 1636794191
.bidswitch.net/ Name: tuuid_lu
Value: 1636794191
.creativecdn.com/ Name: u
Value: 4ljPKN0glWIsAQQHG5nH
.creativecdn.com/ Name: ts
Value: 1636794191
.smartadserver.com/ Name: csync
Value: 25:5d77618f-7f4f-4300-940a-92766e5e65cf
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjO1uLp5KOTOhAFOAFaC2FkY29uZHVjdG9yYAI.
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YY9-TwAEM0L3_gAz
.360yield.com/ Name: tuuid
Value: edcd954d-63d9-4fef-8bb7-e9bf2847e45d
.360yield.com/ Name: tuuid_lu
Value: 1636794191
.quantserve.com/ Name: d
Value: EBcBDQHbJP7KwQA
.quantserve.com/ Name: mc
Value: 618f7f4f-f2691-f06d4-5aa33
.casalemedia.com/ Name: CMST
Value: YY9-TWGPf1AA
.servenobid.com/ Name: pid_321
Value: RX-0f403208-b8e5-46bf-93ab-0ed7f5265cbd-003
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: e323db810522a86074c4dabd45db178b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDU2Mk5JsjA0MDUySrQwMzA3STZJSUxKMTFNSTI0t0hiAILE%2FvoAEA0FAE6LCpI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7K8PAFJQAAAWBwHA"
.a-mo.net/ Name: amuid2
Value: 76c38c41-7627-4ab0-8b36-fa447fb60bbb
.ads.pubmatic.com/ Name: KCCH
Value: YES
.postrelease.com/ Name: opt_out
Value: 1
.servenobid.com/ Name: pid_327
Value: 76c38c41-7627-4ab0-8b36-fa447fb60bbb
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 485d6959700c300c
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.zemanta.com/ Name: zuid
Value: KZqMKWWnQdlSWO-LvjAX
.outbrain.com/ Name: obuid
Value: 17f3a3c4-21c3-449e-82ca-76d8acd1d2d1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d06f88d2-c273-463d-636f-dba9f0bb8d5e.Lxlwi2XLbm%2BSHk4%2BxSEUuCw2%2B5bVrHwoWh2VRImHhwA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-d06f88d2-c273-463d-636f-dba9f0bb8d5e%24ip%24185.232.23.178.XbaOlGrlDD94Eb4pRgOgCwzedbWqRJJayev1OQ7oy08
.ipredictive.com/ Name: cu
Value: 8780639a-4460-11ec-9c5d-b79aa551c8c8|1636794192253
.casalemedia.com/ Name: CMRUM3
Value: 40618f7f502760no-consent&ce618f7f4f05a0&2d618f7f4d2760CAESEONejMVvHs7YFv6uKfXSffI&49618f7f4f05a0&f1618f7f4f05a0&e6618f7f4f2760&98618f7f50276029d7bb3b-6bd4-4bc6-bf71-5269efe1a2fe&dd618f7f4f2760&27618f7f4f0b40
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_310
Value: 477fe2f416b75f6b8bfc3abf
.adx.opera.com/ Name: UID
Value: aaed1e65ada645c6873ab4336b6722ff
.aralego.com/ Name: gdpr
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~21i9:18wq~21i9:194k~21i9"
.servenobid.com/ Name: pid_335
Value: aaed1e65ada645c6873ab4336b6722ff

5 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIZ6z4wxJJT7IvJXFxphcfoAos8blgpYBial1VoSAaekukDsy6FEmBCg9-rRlNKV9g4m7QTzoPcSNSyKg9useigAGyHCg&google_hm=dklEbDJuZE1JSnBKWkJDdmZEdG9TRWctdDVMUEEyWE1wSVNGMThjYm93SQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
dsum-sec.casalemedia.com
eb2.3lift.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fdf3724c94440e2ebceb6834fd945646.safeframe.googlesyndication.com
filecr.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
jadserve.postrelease.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.33across.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
public.servenobid.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
temp.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
webcrx.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
temp.com
104.111.215.191
104.16.201.58
104.16.63.54
124.146.215.48
13.248.245.213
142.250.185.130
142.250.186.130
142.250.186.98
147.75.61.140
151.101.2.49
151.101.65.108
178.162.133.149
178.250.0.157
178.250.0.165
18.156.0.31
18.159.140.98
18.195.155.181
18.196.162.123
185.184.8.65
185.255.84.151
185.29.134.244
185.33.221.91
185.86.137.107
185.86.139.115
192.0.77.2
192.96.200.41
193.0.160.129
193.122.128.135
198.148.27.140
198.47.127.19
2.18.233.180
2.18.234.21
2.18.235.93
2.19.35.65
208.100.17.172
209.54.180.144
213.19.147.44
23.79.143.124
2600:9000:2057:4c00:1b:5138:8a40:93a1
2602:803:c004:200::141
2606:4700:20::681a:9a9
2606:4700:3032::ac43:8ae6
2606:4700:3035::6815:5fcf
2606:4700::6810:135e
2606:4700::6812:372
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:bdf::44
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:1::13
2a02:2638:1::3
3.214.91.80
34.199.172.6
34.254.122.11
35.158.18.139
35.186.253.211
35.244.159.8
35.244.174.68
35.71.131.137
37.252.173.27
38.91.45.7
50.19.13.13
51.75.86.98
52.215.102.174
52.28.203.152
52.30.136.0
52.4.244.165
52.44.220.233
54.36.109.48
54.77.243.210
54.93.151.69
63.251.14.3
66.155.71.150
69.173.144.138
69.173.144.139
70.42.32.127
82.145.213.8
94.31.29.32
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03a8441bf3cc77d028816d64bd11cd4269470bd17c10344e45a745ae6790b30a
04a73f77ed71c2b153992670731ad4292f12cb3fdf3ad4eced60b70b39da6ebb
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70
0ada291c40e0a9e1a16027017afca21159ce7d9e65f4235c268e879777001c59
0ae5c83f204f2c4792a8c4953af1c83fb1c2305a0b3186e0fb2e690fef3b60ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145aacacbdc91f9483deae94c9e2c9b6feb0443d238f75aac1fb394f5a647adb
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7
161bb8d37a932eb15170c2309bec48da7d09e01df1d4eca3be007599b904ae9b
16b9e32d2030053b8337c5597c606a4903c783429172b9b47375821b60eb8c19
17c75b4dcae5ab3517f9b90ba0e00d3aa9a103be31495c7eda513111cb1e7e4b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1df7816f0704cb8087e238d0868d7eeb714c635f1bb705e471defc8aad078457
1e337068ce953a62bfd5194c344846aaba3f404df2f85c76006f51cffafe1dcb
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
28826b7eba1f10ce469773acbaded1a894bb85a1aae352038ee1852c6d75b749
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd
2ba1fad3df2fac0d0f219465ee024b2400bc84e02a6d85f7e12f2a6147a71ad3
2e7f8cf8c862f8a1c937041c003034ed50a8ccc933e4c4af753115c82f472fdc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301b7f90883a5eae0d1ca90254142e6efec3cb42f61d1a25b9509353575052b6
317b82c9ad19ba5131f7bd4046d849515c6edb77aaacaceab65ae19b30deb556
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
335177979af8fa9200779e33f7e8766a0b322a921f0b187fcd615182887694ec
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38cb746a6352c72e8d0a1d25e0976b2dfa2b33c96d92899fff483f84c4c29812
3a20acc6718a1d758b890762935e185bdcef93c5ae402acd0f0469c37e7b520f
3b63b8204bb5b1c874110eb937fa664ba86fa33df179d11384dcbad188f434c0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d4e31d17390e2dc2cc21ab22aeadb9237a5f5726aad1a67bdf85465372d51f
4ae4475c038ce883f487a380e71a433292eb32e92dd409b01d4f0327044de18e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e38f3bada67f21b0cd8f6d80fc0eb4e00db3376ce23e10f57d4198e49f42d85
4eec8b4cf378b55ea19a79ad7d75f2e7c46a080f0448fd2353872369493b200d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b1c0e083f88a9cdcbebc4e01212bfc778f0a82e85d0b8529ae1a769cf1cbea
55b2aa83790596c302fa2c691f98b46cd863b1ae8adf189d45df8bbcb7b063d5
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93
588602d1773a061ce5690cd0d166e05a3458322a52a1b52bc05c44dcb7acb482
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d737bea2381c492cb203ba6f86d39ba15aa569af7acb086d2bf37475d0689e2
630591a94717bf0928577242eec0a467ff45475f3cee67a9f1b2d3c64d292b9f
6333cd2417a043d595e5b6fe830a0154dc0d56d6c282e74f8709623f9effb17c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67bf69eee163ebb4a96d02b5167c003a52e8952c5728e4101f6a375efb2855df
6a16bfb3712d2de0b847d073249eda013d9c270c6ce949ea0cd02c65bd5d130f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
748efbe503f7c8a9ed0179768c11236eae7e6ad32059dab25869aa18e19f61e5
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
778cffaf613e570286978326feeb5c293c32d8fad04cad5344cb2abd3cb87666
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080
7be2e7406b3bc5fc882af9b3cb4479fd460bafd405b01fb9b448c0740185f18c
7e309ed2b8ef0413f3ef7afed63f7111ab791f80e128042ee58c7f61b80cbef6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82306ee1c73645fae41bfa4f4e61309db035fd5a07e56b6f35519700db64234e
841decde2dd95908450e8bad0163a509bb9e6da009901c2416c2e68dd1a7b682
885adf90cbd374aa089e03173990d608d5ff78aab43e98f9d7afe2819118fca1
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72
89e53ebca5f0fc3cd2e66b68b2de01494b9612c27d28bc935994978d19eb47a2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8d6c1a43a17be9da61be84778982b8c21d4cba89ad69c017f6d28c2deff5d74c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
9518434f960a182a8a80f0e47694b7ac596acc6545c9e42d6f867e3fbbc366ac
9631e8f398659e7a69110fd76d5ee0b5ccdd5481c0ba27667c5c901c9cc40173
96bbe642198cb06c74d175b6197943f4b1383ccb8df25b9cacc82eaf91ad0f02
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9f793f9c533b96d66551987dc145b002eab2324d790181991017b4de9bdca06f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08ea0fedbd4d5d95244537e3a58464d99e6e94e4868455954b9818edf7e1ad0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d0cfbf6f74dbad3eb854323ca38e4154c6e49f97636dab357a8adce6ff8db8
a5412f10babb1a268575accb85b5fb60afa8ced50e98e7a1a8473b1def892850
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef
aa4313c8f21587e748268c9985e71b20119a7fefa6cd42703336fa347502cdc2
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae43f43ea7b2990cfa6dfdcaffdb361ec4b15972b989750ea3a94cd4ffa085c0
af50bdcb148586cf29fbdb3fe5f692fd93fc082cd2a653c8c460215099a97d0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bad63fe628ef1a8d92457e8270efe6896076cd67a48e06a24be04f54f7843c35
bad6e1ed92fe187e743458017d2aad31b26c3288f8503e6214c56ddbbae04d69
bc3408cac4118bebf9f1d478191fe07f46b5d579da8548aef66e3d5b26eccd8c
bcaed03e08f7c64607442e34049408f9644e7f8742b7f6461b513afc207334dd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc31fa8d243005d788848ccf39008f58b2158a61c49995bdddf8781fa2a8add
bddf9a49f9afb0f4a339218b1657293607415b2ed5dfe21631e6129cba01a01f
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cc7e5602f828754366f31d77b57ef0bdb446cdbb629bbdaf839037b620f4d
c260640cb7989e0cd963ccc8b4142725c0211945d891e84bca1b545cda9d6c5b
c285303264d893f3a1cdf371591e85839fa11a23a81a55d851a5d9a9959f39c0
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cb7f11ed662ecbcf3ac062732a680aa286d5911ff6028a7e705efb9a23bceeb7
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf1bbfa93b0e7ece13a529aeb2229edd08189dec75c1359169531bea128178ef
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d38d23b5d54b52249c86f491301040403c1229bbb5d26b5ebc079c5a971161c0
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d499569b7fd8f7e2ea1d2db03346b0bd7791ea9ba114b3d69d80fcaeeafc426a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db697fd676dce217334d446b218f2c6b4a8e6d21baad158d5bf174f6e9639545
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6ae851545d8c9d4ddf9c4fdb5b5be9d5117feeb50fc7a139c3e8e86b873d18
ddba82e7aa0e6c7402310c5a6ab64775092a5cdd628d88d000d960ae14f1b82e
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e
e376d262896b627dc718e127e91def860389c8ec1df39292e7ecaf279286739b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a29d493480b7be81393fad7f5edb85fe59632f403abdcee92367c95852204
e42f6b525b560f5a3fceea51b80b88c0fae967e1a7908cd8eb853714ced86625
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eec3b619999b1d35f59aa561731b7d64623b0c7bbb6aaee35cabc5bc394eefeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f60e4ad0c0a17f5bf1b1c580ba75d741b2feabbb5e215cbd75353aee3d0f7852
f7df6918f3e99a25668d4dbf63a53a26658855f54b5d701305233fb25aef2aae
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
fb10332dc621b9541b8f55eef009449040fc8f309565dad896bbaec1ad981a77
fb4629a480d46bcee6690079f29a9cd03084758fe28ec696eb4b1c0970d2263a