urlscan.io logo urlscan.io
SecurityTrails logo

filecr.com Open in urlscan Pro
2606:4700:3035::ac43:8bfc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://filecr.com/
Effective URL: https://filecr.com/en/
Submission: On January 17 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 13 countries across 80 domains to perform 431 HTTP transactions. The main IP is 2606:4700:3035::ac43:8bfc, located in United States and belongs to CLOUDFLARENET, US. The main domain is filecr.com. The Cisco Umbrella rank of the primary domain is 223315.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time filecr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 24 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 5 184.87.212.24 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
21 192.0.77.2 2635 (AUTOMATTIC)
1 94.31.29.32 6461 (ZAYO-6461)
1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 52.49.84.113 16509 (AMAZON-02)
3 7 185.33.221.91 29990 (ASN-APPNEX)
1 3.124.87.92 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
10 35.157.246.167 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.174.217.176 14618 (AMAZON-AES)
5 2602:803:c003... 26667 (RUBICONPR...)
2 18.197.210.187 16509 (AMAZON-02)
4 51.75.86.98 16276 (OVH)
1 178.250.2.131 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 45 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
55 2a00:1450:400... 15169 (GOOGLE)
9 38 172.217.18.98 15169 (GOOGLE)
2 6 2.21.141.232 16625 (AKAMAI-AS)
2 4 34.98.64.218 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 178.250.0.157 44788 (ASN-CRITE...)
4 142.250.186.34 15169 (GOOGLE)
1 52.2.183.88 14618 (AMAZON-AES)
1 35.227.252.103 15169 (GOOGLE)
4 185.86.138.119 201081 (SMARTADSE...)
7 7 18.156.0.31 16509 (AMAZON-02)
2 6 69.173.144.138 26667 (RUBICONPR...)
4 8 13.248.245.213 16509 (AMAZON-02)
2 2 18.185.129.183 16509 (AMAZON-02)
5 6 2a05:d018:d29... 16509 (AMAZON-02)
4 5 198.47.127.19 3257 (GTT-BACKB...)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
1 1 35.157.102.105 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 5 104.92.74.8 16625 (AKAMAI-AS)
1 2.21.141.148 16625 (AKAMAI-AS)
1 2620:1ec:46::45 8068 (MICROSOFT...)
7 10 35.71.131.137 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
5 6 18.198.121.250 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 52.46.154.242 16509 (AMAZON-02)
3 3 64.202.112.159 22075 (AS-OUTBRAIN)
2 104.16.200.58 13335 (CLOUDFLAR...)
1 18 34.248.122.81 16509 (AMAZON-02)
2 67.202.105.23 32748 (STEADFAST)
1 1 216.52.2.19 29791 (VOXEL-DOT...)
6 6 213.19.147.44 3356 (LEVEL3)
1 3.217.216.1 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 147.75.38.124 54825 (PACKET)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 151.101.194.49 54113 (FASTLY)
4 199.187.193.166 47043 (SMARTADSE...)
2 2 178.250.2.151 44788 (ASN-CRITE...)
2 2 135.125.160.160 16276 (OVH)
2 2 185.33.221.53 29990 (ASN-APPNEX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 34.249.68.36 16509 (AMAZON-02)
1 1 54.236.185.42 14618 (AMAZON-AES)
1 2.21.142.210 16625 (AKAMAI-AS)
1 1 188.34.152.202 24940 (HETZNER-AS)
3 3 64.202.112.127 23352 (SERVERCEN...)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 52.200.181.105 14618 (AMAZON-AES)
1 1 54.226.209.67 14618 (AMAZON-AES)
1 129.159.70.95 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 104.90.192.27 16625 (AKAMAI-AS)
2 2 52.31.82.104 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 3 185.29.134.244 30419 (MEDIAMATH...)
2 2.21.141.175 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.100 4694 (IDCF IDC ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
3 4 37.157.2.237 198622 (ADFORM)
8 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.169 1299 (TWELVE99 ...)
3 198.47.127.20 3257 (GTT-BACKB...)
3 3 51.222.80.231 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.122.14.34 36351 (SOFTLAYER)
431 84
24    2606:4700:3035::ac43:8bfc (United States)

ASN13335 (CLOUDFLARENET, US)
filecr.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
31    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
i3.wp.com
i1.wp.com
i2.wp.com
1    94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2606:4700:3035::6815:5fcf (United States)

ASN13335 (CLOUDFLARENET, US)
webcrx.io
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
10    52.49.84.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    3.124.87.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
10    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    35.174.217.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-217-176.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
5    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    18.197.210.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-210-187.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
6    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
45    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
gcdn.2mdn.net
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
55    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
38    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
6    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
1    52.2.183.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-183-88.compute-1.amazonaws.com
sync.adaptv.advertising.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    185.86.138.119 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
8    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.185.129.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-129-183.eu-central-1.compute.amazonaws.com
pixel.advertising.com
6    2a05:d018:d29:3601:f480:735b:95a5:a0a3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    35.157.102.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-102-105.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a00:1450:4001:65::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5e6nz7.c.2mdn.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
ade.googlesyndication.com
5    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    18.198.121.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-121-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
18    34.248.122.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
1    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
6    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com
jadserve.postrelease.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
2    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2606:4700::6810:78c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    2606:4700:3039::6815:c08f (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    54.236.185.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com
sync.extend.tv
1    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    188.34.152.202 (Tann, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.152.34.188.clients.your-server.de
bidswitch-eu.splicky.com
3    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2600:9000:2156:2800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.226.209.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-209-67.compute-1.amazonaws.com
sync.ipredictive.com
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.31.82.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-82-104.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
4    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
82 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 268
709 KB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
350 KB
57 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
gcdn.2mdn.net — Cisco Umbrella Rank: 957
r2---sn-4g5e6nz7.c.2mdn.net
1 MB
25 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
10 KB
24 filecr.com
filecr.com — Cisco Umbrella Rank: 223315
227 KB
21 wp.com
i0.wp.com — Cisco Umbrella Rank: 3215
i3.wp.com — Cisco Umbrella Rank: 46854
i1.wp.com — Cisco Umbrella Rank: 5313
i2.wp.com — Cisco Umbrella Rank: 5086
128 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
31 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com — Cisco Umbrella Rank: 1288
5 KB
18 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
ads.pubmatic.com — Cisco Umbrella Rank: 473
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
28 KB
18 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
295 KB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1823
public.servenobid.com — Cisco Umbrella Rank: 3540
8 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
4 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com — Cisco Umbrella Rank: 565
secure.adnxs.com — Cisco Umbrella Rank: 404
25 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 600
eb2.3lift.com — Cisco Umbrella Rank: 389
4 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
3 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
1 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
286 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
7 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
7 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
747 B
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
103 KB
5 media.net
contextual.media.net — Cisco Umbrella Rank: 516
cs.media.net — Cisco Umbrella Rank: 1922
140 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
1 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
2 KB
3 advertising.com
sync.adaptv.advertising.com — Cisco Umbrella Rank: 14903
pixel.advertising.com — Cisco Umbrella Rank: 327
951 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
match.sharethrough.com — Cisco Umbrella Rank: 637
570 B
3 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 11970
ecs.mantisadnetwork.com — Cisco Umbrella Rank: 23153
959 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2366
mp.4dex.io — Cisco Umbrella Rank: 2499
24 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
903 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
695 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5289
719 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
615 B
2 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 6448
387 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
942 B
2 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2343
ssc-cms.33across.com — Cisco Umbrella Rank: 877
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 6694
25 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
55 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
33 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
612 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
697 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
383 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
428 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
610 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
241 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 22976
221 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
725 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1809
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
311 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
478 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
751 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
427 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
590 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
704 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
250 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4305
704 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
645 B
1 webcrx.io
webcrx.io
2 KB
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 16454
191 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
431 80
Domain Requested by
55 s0.2mdn.net filecr.com
s0.2mdn.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
45 tpc.googlesyndication.com 2 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
filecr.com
tpc.googlesyndication.com
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
38 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
eb2.3lift.com
ssum-sec.casalemedia.com
g2.gumgum.com
31 pagead2.googlesyndication.com filecr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
24 filecr.com 3 redirects filecr.com
17 rtb.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
filecr.com
10 match.adsrvr.org 7 redirects eb2.3lift.com
ssum-sec.casalemedia.com
10 c2shb.ssp.yahoo.com cdn4.buysellads.net
10 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
8 eb2.3lift.com 4 redirects cdn4.buysellads.net
eb2.3lift.com
8 www.googletagservices.com cdn4.buysellads.net
googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
7 ups.analytics.yahoo.com 7 redirects
7 www.gstatic.com googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
7 ib.adnxs.com 3 redirects cdn4.buysellads.net
googleads.g.doubleclick.net
acdn.adnxs.com
7 i1.wp.com filecr.com
6 x.bidswitch.net 5 redirects eb2.3lift.com
6 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 www.google.com 2 redirects tpc.googlesyndication.com
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com googleads.g.doubleclick.net
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
filecr.com
5 image6.pubmatic.com 4 redirects ads.pubmatic.com
5 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 i2.wp.com filecr.com
5 i3.wp.com filecr.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 sync-tm.everesttech.net 4 redirects
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com cdn4.buysellads.net
eus.rubiconproject.com
g2.gumgum.com
4 ssbsync.smartadserver.com 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
public.servenobid.com
g2.gumgum.com
4 cs.media.net 4 redirects
4 googleads4.g.doubleclick.net filecr.com
4 us-u.openx.net 2 redirects googleads.g.doubleclick.net
4 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
4 i0.wp.com filecr.com
3 pixel.onaudience.com 3 redirects
3 sync.mathtag.com 3 redirects
3 sync.outbrain.com 3 redirects
3 b1sync.zemanta.com 3 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 ads.pubmatic.com g2.gumgum.com
ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 ad.360yield.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 pre.glotgrx.com mantodea.mantisadnetwork.com
2 secure.adnxs.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 dis.criteo.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ads.yahoo.com googleads.g.doubleclick.net
2 encrypted-tbn0.gstatic.com 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
2 encrypted-tbn2.gstatic.com 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 btlr.sharethrough.com cdn4.buysellads.net
2 mantodea.mantisadnetwork.com cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com filecr.com
cdnjs.cloudflare.com
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssc-cms.33across.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 s.ad.smaato.net g2.gumgum.com
1 bidswitch-eu.splicky.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 id.rlcdn.com
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 ssum-sec.casalemedia.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 public.servenobid.com cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 ade.googlesyndication.com
1 r2---sn-4g5e6nz7.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 match.sharethrough.com 1 redirects
1 rtb.openx.net 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
1 sync.adaptv.advertising.com 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
1 mug.criteo.com
1 encrypted-tbn3.gstatic.com 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
1 bidder.criteo.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 tlx.3lift.com cdn4.buysellads.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 webcrx.io filecr.com
1 cdn4.buysellads.net filecr.com
1 www.googletagmanager.com filecr.com
1 contextual.media.net filecr.com
431 128

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 58 frames:

Primary Page: https://filecr.com/en/
Frame ID: 34F18214185D8DCFA03C7869157589C0
Requests: 97 HTTP requests in this frame

Frame: https://webcrx.io/extension/comm
Frame ID: 2E419056833EEA8C06CD2D84A484FD38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 0250EDFC10B7BC30455086E083706C6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1642401726&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726340&bpp=3&bdt=402&idt=113&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4039045377573&frm=20&pv=2&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=95&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: B6D2E7129AB2D6DCE187FDBFEB8B135F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Frame ID: BD8CF92D37C5A2DE2CC659721D3200D6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Frame ID: FF47F3D4EA6372E2D4AC6A3E57833D88
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8A7CE4BD9157734C5162F15A981B8967
Requests: 5 HTTP requests in this frame

Frame: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B8CD46AA6044685B5709933283403C7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 56EF2F2A07B21F3C63F0FEE9BE12B419
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7558AFA8BB65FE4C91B71C25C5435E61
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Frame ID: 09F8EB2840796414948277B721EB4E73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Frame ID: 88125F8DDD2D881C1B42C002E98CB124
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Frame ID: 9F3AB637D7C2F1183C9A27A0F1A7923C
Requests: 1 HTTP requests in this frame

Frame: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A274FF0071B371E628CE219082D3A1B7
Requests: 17 HTTP requests in this frame

Frame: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 673D5AA2A24679FD504ACEA8C7F90A6F
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 4D99FBE00C379DBF43BA449744DB5577
Requests: 15 HTTP requests in this frame

Frame: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 944D8262F7C14D5C1BCFCA1DA779B404
Requests: 14 HTTP requests in this frame

Frame: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D12BFD8427FEEA1DF87CD5BE74DDA4A2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F300221AB78CA4A13077D100F5C8C95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8766C7B940941DD37CA9AF938FF4656
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Frame ID: 15E1ECC1A548717D9ED2F8E18AFD4121
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Frame ID: 33C6832CED8B1C126C8FB94FB827F484
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-HspcCENqrlawCGJmomrEBMAE&v=APEucNXzaBwN9QM94gbxlB9in6OSQ2cjRTjXXUGHZtqcLgJKJCL2tt-YmBuerk732V6130GFVi-oDdcoNqBhoiuWQ-WylR4KrL7H7pGEkGI5nEmGZEtYsrg
Frame ID: 94238FB55EBB51C5864605EFB024E4BF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1769CD953A18E585AD44CCC7012EE6D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 455D44A17724F73BF6763CAE25FABFD6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
Frame ID: 0BDAA9DA1ADB236EDF0E9BD95E99045E
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Frame ID: A22FBAC71460AB0155F749341C74BAC2
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1183D16E2DD1C6E32B5BBA3489939D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F1F7E977EA5B7ED774F52EE91CFD776
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 00DA66CB5BED071D23848EA36433955E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BDB06148B8F2804B8BD200AFD556FCF0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Frame ID: E2D129DC9C1DF299749913494812A97C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1642401726702
Frame ID: 40B7A76AFB120565B2D569D46916C7E8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EFD396DED8D6119CBAC8A6CABCAE3653
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0C183E247E5E9BA252D6AA3F42595C7C
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C13193698AE5B9EA742F68181670C0F4
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A1AFBF1D172270088DA6067BD7CC7111
Requests: 11 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Frame ID: 8EDF0E08B1A0054281859B002C7370D9
Requests: 6 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 088B453A596996932B70AC34BE4F3BB9
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 085E391CCE8B8A56AF7E1ECB23767CDD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9B15430D4A9ED85B74FB41542CD50CAD
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 4CB77FBF21D836FB338C5CB6E092A150
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E03BA48FE4817FDAE949A8927CDDE2CB
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Frame ID: BFC98BE6B800AB683F6E7F62E8A632DB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YeUPwgAGOqblXQAm&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
Frame ID: 1545A2B3118BDDB6DCA4B76FBB3E907D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzhiMWY5MS0xN2YwLTRjNWMtOWIwZS1kYmVhYzEzMTM3NzY=&gdpr=0&gdpr_consent=
Frame ID: 3C36A22BF6FACDEA457FFFA8F3EA59F0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 807037C033B427B2CABEE1989B492270
Requests: 13 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 0357EE313C5D566CDC8FE564AEB783B3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&t=1644993730
Frame ID: A3D2D2338746EE5FF74059027E0E84FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E45318C04D745572B11CB40193ED9AE4
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: FEDF7BAA557B26546836EC40B4995DA5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YeUPw8Co5ssAAGvc2ZUAAAAA
Frame ID: D66462BDAAA994506FAC6D50F36F4FBB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=tDsu40LzyGG7Vk74v2jp&pi=gumgum&tc=1
Frame ID: 5A481DDCFFA96C7FDB57553521DB57BA
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
Frame ID: 0A3571CF6DC823E605ADB5DAE710236D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Frame ID: 1A747D8B9480D40DDA53513A535045C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2111243133278699853
Frame ID: BBA3EC84358090E7432E259D620046D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F1595A9FDB272BCB9216A92CF839A029
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
Frame ID: A7FF98FAA44E8076E40DB5E3E164103D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FileCR - THE BIGGEST SOFTWARE STORE

Page URL History Show full URLs

  1. http://filecr.com/ HTTP 301
    https://filecr.com/ HTTP 301
    https://filecr.com/en HTTP 301
    https://filecr.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

431
Requests

81 %
HTTPS

32 %
IPv6

80
Domains

128
Subdomains

84
IPs

13
Countries

4076 kB
Transfer

8817 kB
Size

112
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://filecr.com/ HTTP 301
    https://filecr.com/ HTTP 301
    https://filecr.com/en HTTP 301
    https://filecr.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX27PFbhDoBxjoBzIIpAVBO9dPPOk HTTP 301
  • https://tpc.googlesyndication.com/simgad/6572644254404355299
Request Chain 197
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX27PFbhDoBxjoBzIIpAVBO9dPPOk HTTP 301
  • https://tpc.googlesyndication.com/simgad/6572644254404355299
Request Chain 198
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
Request Chain 207
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeUPwFJpIr37fKYA181AEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEK_0YQ8TGAvN1SdpsYx5h4&google_cver=1
Request Chain 209
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwMTg2MDQ0MzE2NzQyODQ2Mw%3D%3D
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjKSK1kfBISpytAFChgF2E&google_cver=1
Request Chain 219
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rvi2qnx2TFlqTHhQeVFxUkkzRExEdGRyQVhHNzBVU0hBQ1ordTNxcUdnZHFIOVZZbW9vcjJ0TE55UEFTUldEb3BVVUVYSXhQMDJBZTc5ak01QVVLUVRhekZiYithNHl3MURFaWJvVDB5MzZRekx0b3RTbk9iclFnM0o5b1Z2ZmV5dTJUWXpwVFlxY2gvc0dTNTVPbXFCRmxXSXlEWTM0azdTcjF6NHhWcS9OZnpSbWlxMDZEQ2lDdjd1TXRPeGVGa3NzYkJIcmZhbXpyVThHV3IzT1pFZkZpa0QwM3RQazliZ2tLcXYwUWsvSkpGNkFESnJGaXJNRjhJMk9kUEVCYStmdDRGOE5vd0FtcEtMRkQ3eFE1anFTRVg0dz09fA&cppv=2
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1
Request Chain 260
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
Request Chain 261
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlAKO2nq4HV_Pz9GeWGEDZwCuMqohGvag-In3dlHxTiWCNu5VK_XS6At3R3jmeILe4uWuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlAKO2nq4HV_Pz9GeWGEDZwCuMqohGvag-In3dlHxTiWCNu5VK_XS6At3R3jmeILe4uWuA&gdpr=&gdpr_consent=
Request Chain 263
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyVWp4X4gFsAojahxV30dyFnHonbm HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyVWp4X4gFsAojahxV30dyFnHonbm&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ndVNKZVE5RTJ1RnBud3FZUjlndFVYQ0FvWWgua1l2WH5B&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyVWp4X4gFsAojahxV30dyFnHonbm
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqoCWMmVKPbxmZABskwhu0&google_cver=1&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG27OA7fLVn1H6Ab7IhO-vihA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG27OA7fLVn1H6Ab7IhO-vihA
Request Chain 266
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Request Chain 267
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
Request Chain 268
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFiLniiNoKV8AJ2Q6dRqYo&google_cver=1&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A&google_gid=CAESEEFiLniiNoKV8AJ2Q6dRqYo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A
Request Chain 269
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHIGetOSAY7fPBYCZ4P0ffUdfORl354flFQbe3N7EER0UG67alx_xjKZpXQFzHnAiFK7ZgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHIGetOSAY7fPBYCZ4P0ffUdfORl354flFQbe3N7EER0UG67alx_xjKZpXQFzHnAiFK7ZgQ&gdpr=&gdpr_consent=
Request Chain 271
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv&apid=UP979f54b2-7760-11ec-b403-0200651b21ca HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NzlmNTRiMi03NzYwLTExZWMtYjQwMy0wMjAwNjUxYjIxY2E%3D&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv
Request Chain 277
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6Dn66EclWnoPA5JiPnOn4&google_cver=1&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72H_mH9pg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72H_mH9pg&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
Request Chain 278
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIdJzoRkP5xt2xVp9l5Ls_M&google_cver=1&google_push=AYg5qPJbFRmYSyZDaMGoD_S0zQr16jiGxLiVMId9YU8LKnS63WraP1MdmNn_nKHT8gs26r3MeW9gAx5eoGABdmEye01gIt8Ee2P9Qg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIdJzoRkP5xt2xVp9l5Ls_M&google_cver=1&google_push=AYg5qPJbFRmYSyZDaMGoD_S0zQr16jiGxLiVMId9YU8LKnS63WraP1MdmNn_nKHT8gs26r3MeW9gAx5eoGABdmEye01gIt8Ee2P9Qg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbFRmYSyZDaMGoD_S0zQr16jiGxLiVMId9YU8LKnS63WraP1MdmNn_nKHT8gs26r3MeW9gAx5eoGABdmEye01gIt8Ee2P9Qg
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Request Chain 280
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHFtoQWJfQSOKHq1ovFVlUY&google_cver=1&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHFtoQWJfQSOKHq1ovFVlUY&google_cver=1&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg&google_hm=507cb9ced7b706cbc82bb794
Request Chain 281
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFiLniiNoKV8AJ2Q6dRqYo&google_cver=1&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqic9Ypfu0GIKt6CUgungwyFI6VulttKmHEyulmOuyA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqic9Ypfu0GIKt6CUgungwyFI6VulttKmHEyulmOuyA
Request Chain 282
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSKPUwcw-RbZRPD9UZ8i4LCRRVJfu29jwuU0xqkiTh6G1uZjAvXuUXRaPihYwnlBL8z_HZJluw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSKPUwcw-RbZRPD9UZ8i4LCRRVJfu29jwuU0xqkiTh6G1uZjAvXuUXRaPihYwnlBL8z_HZJluw&gdpr=&gdpr_consent=
Request Chain 283
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5PFVj6O7UxSwC4XjJm7R285gQQYGIfI9ZIUhGkC_372MaU6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5PFVj6O7UxSwC4XjJm7R285gQQYGIfI9ZIUhGkC_372MaU6A
Request Chain 299
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6Dn66EclWnoPA5JiPnOn4&google_cver=1&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YXdN08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YXdN08&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
Request Chain 300
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIdJzoRkP5xt2xVp9l5Ls_M&google_cver=1&google_push=AYg5qPK5KnfNcgsidaIq048nVdqifpvtZQ2nKZ3UAxALvJlwMRbQCPXZ4ozhEUhbRaCCEV2RddsGomf7CiysHfWSWaUWeKFvphI HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIdJzoRkP5xt2xVp9l5Ls_M&google_cver=1&google_push=AYg5qPK5KnfNcgsidaIq048nVdqifpvtZQ2nKZ3UAxALvJlwMRbQCPXZ4ozhEUhbRaCCEV2RddsGomf7CiysHfWSWaUWeKFvphI&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cHK3SuEjT7OTsR_wUxlK0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK5KnfNcgsidaIq048nVdqifpvtZQ2nKZ3UAxALvJlwMRbQCPXZ4ozhEUhbRaCCEV2RddsGomf7CiysHfWSWaUWeKFvphI
Request Chain 301
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqoCWMmVKPbxmZABskwhu0&google_cver=1&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2GrVSo7LZxzyMP9PdkfnCWt5bs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2GrVSo7LZxzyMP9PdkfnCWt5bs
Request Chain 302
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
Request Chain 303
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KOL2-jP9JJVKf7NO0kANXSHBmIPC96dDb_5rGc-_lZwqSme9FBPvHlG7gvYGclwiMKRpkY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KOL2-jP9JJVKf7NO0kANXSHBmIPC96dDb_5rGc-_lZwqSme9FBPvHlG7gvYGclwiMKRpkY&gdpr=&gdpr_consent=
Request Chain 304
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B91luf7uwnpozJdzTlyfiebeiQVVax-V95Ew0qEth368 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B91luf7uwnpozJdzTlyfiebeiQVVax-V95Ew0qEth368
Request Chain 305
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKcpE-mGyV4lOeKSs39T7nM&google_cver=1&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-uclJZGQUiwpY1s35isb66MhALIenUCywqQ9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmE1M2ZiNTAtOGUxOS00ZmI0LTg2YmMtNWU0NTUyZTg0Y2Q2&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-uclJZGQUiwpY1s35isb66MhALIenUCywqQ9A
Request Chain 327
  • https://gcdn.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8A9AEEC41C90FF19C2B68652BB91D2ECB51AA219.7DD6879421891007A16525FBF738C867B466B6AB/key/ck2/file/file.webm HTTP 302
  • https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/584B2B55FE5A772EF0909C2FFAA5CA3752C7D9EE.5E8297B2A4E0BB1CEA818A9BB7882F030B8C90FD/key/cms1/cms_redirect/yes/mh/7y/mip/2001:ac8:20:3c00:1011:9c7a:3889:9ecf/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1642401390/mv/m/mvi/2/pl/49/file/file.webm
Request Chain 343
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
Request Chain 345
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D
Request Chain 347
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11392834835393212854?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D7rPAHVE2oSxPoIF6SM.7rxtu5VN3IeR3PWYnYTkwQ--~A&dongle=0883
Request Chain 350
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11392834835393212854 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11392834835393212854&dcc=t
Request Chain 351
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 355
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
Request Chain 361
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1201860443167428463
Request Chain 362
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=507cb9ced7b706cbc82bb794
Request Chain 363
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7255687663 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8d4e803a-1a3f-44ff-9b00-77b6fb525fef HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
Request Chain 365
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433822382859286
Request Chain 367
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=b4d2f5c5-3d1f-4550-8353-168a8ae5e901&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-hP_mJ2lE2uGlC2HXyb4.owBp6SpsyiqB4g0ZbFU-~A
Request Chain 369
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIBKYYU-1V-2B9&sigv=1&esig=2~6f0a1e4fd8ce0db2d20de7a92d32a2ed0d6c043b
Request Chain 370
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5
Request Chain 371
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlYTVjZDlkYWZlMzBlNzI2OGY5MGJkOGRkYTJhNjQzM2RmN2RjNw
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENo559jsCbH-lrp6_v_pePU&google_cver=1
Request Chain 375
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YeUPwgAGOeTksQAm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YeUPwgAGOeTksQAm&_test=YeUPwgAGOeTksQAm
Request Chain 376
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TQN8AO5ZIeW9F2HrrgX1gQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2073199542019385303
Request Chain 379
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&gdpr=1&gdpr_consent=
Request Chain 380
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=fd49d395-b41e-4b28-b3f9-c6cfc732c8dc&gdpr=0&gdpr_consent=
Request Chain 381
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030001_61e50fc25f614&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_61e50fc25f614&gdpr=0&gdpr_consent=
Request Chain 382
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1201860443167428463&gdpr=0&gdpr_consent=
Request Chain 387
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&dcc=t
Request Chain 390
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 391
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ded019e6-9c3e-44a4-81f9-7af461ee653b
Request Chain 394
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1201860443167428463
Request Chain 395
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=98839511-efad-4438-ae27-1d22975c7f88 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=98839511-efad-4438-ae27-1d22975c7f88
Request Chain 396
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%286hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&obuid=ENC(6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3D6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW
Request Chain 397
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=798b6f8e-fbdc-495d-8468-76af96d68d87
Request Chain 398
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4$ip$217.64.151.9
Request Chain 399
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-VLQCrCRE2peJVPt9nQRmdw2Neh9QChTHEvp_~A
Request Chain 400
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=98ef06e1-7760-11ec-b1f8-b73d2eaec644
Request Chain 403
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=YqIvporCrgDfCbBPUh1o&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLRJF3HA33SINZGORDGINREEUCVNAYW6JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLRJF3HA33SINZGORDGINREEUCVNAYW6JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=YqIvporCrgDfCbBPUh1o&us_privacy=1---
Request Chain 404
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7cf18ce5-0285-4e47-af10-4cdfc43e9356
Request Chain 405
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003&rndcb=6395063519 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=92fd282a-f93a-4ee9-9239-d40a13212fc8&user_group=1&ssp=adconductor&bsw_param=98839511-efad-4438-ae27-1d22975c7f88 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/98839511-efad-4438-ae27-1d22975c7f88?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
Request Chain 406
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=1i4Z83s5ViZp&ev=1&pid=558355
Request Chain 409
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Request Chain 410
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YeUPwgAGOqblXQAm&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&t=1644993730
Request Chain 415
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 417
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YeUPw8Co5ssAAGvc2ZUAAAAA
Request Chain 418
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=tDsu40LzyGG7Vk74v2jp&pi=gumgum&tc=1
Request Chain 420
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
Request Chain 421
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Request Chain 422
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2111243133278699853
Request Chain 423
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 426
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5ba661e5-0fc2-4c00-be53-5930cf4d9009
Request Chain 427
  • https://pixel.onaudience.com/?partner=214&mapped=CB25E624-4E48-41BD-8851-5DA6A95DBCB7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4242148624cac215f1b25244494c7df5 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a1fb34ce8a089076 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-08716b79a871&zcluid=a1fb34ce8a089076&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL7Xu-LvMyPuD5_Zsgtf3nU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-08716b79a871&zcluid=a1fb34ce8a089076&zdid=1332
Request Chain 428
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0IyNUU2MjQtNEU0OC00MUJELTg4NTEtNURBNkE5NURCQ0I3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8y7kHU9s0Hwz47qUzHFvA&google_cver=1
Request Chain 431
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3319337312637487731
Request Chain 432
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
Request Chain 433
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1201860443167428463&gdpr=0&gdpr_consent=
Request Chain 434
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NMta3txE2uWfghmjPTna6xu_cEJ1y7s-~A&gdpr=0&gdpr_consent=

431 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
filecr.com/en/
Redirect Chain
  • http://filecr.com/
  • https://filecr.com/
  • https://filecr.com/en
  • https://filecr.com/en/
162 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27 PleskLin
Resource Hash
6b10b7ca44656ec9a4c148ef47bc0cd68a05a9e00b7de1e7084c3eb1b5921f61

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.27 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://filecr.com/wp-json/>; rel="https://api.w.org/", <https://filecr.com/wp-json/wp/v2/pages/57680>; rel="alternate"; type="application/json", <https://filecr.com/?p=57680>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m9FrY6BralUMQ9LpV4Nw0YAfH8OsIAThJ62YPI7QVD5td4cuuohSS1F%2BJK0sRrtGY3Ldz7tdvDefm1vi5NWBsbNqK3BfqdOwnex0KuPmQvXrYQa%2BIMAz2lbv9vka2ntvTPmy9y43QA%2B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ced9a015dc60dfe-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-type
text/html; charset=UTF-8
location
https://filecr.com/en/
x-powered-by
PHP/7.4.27 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-redirect-by
WordPress
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfXFCj%2BacpuihYQ7U%2FtkBLkST1ybHXTWo7opeazXdgmup4DWxoc7eehdw%2FJ4E9EP2J7YPhB4VbsKTohnt4H0BaYDPQ%2BYziaGT8Ousnif6f26s%2BvudtlyKT8r3l65p8g8QzhmxYEdQjTJ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ced9a00487359b9-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
992598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2222
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-32ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JH5QdINe3eKFI82O%2BUsCPWafz07ejhe5M1fQA%2FC9yWOKdLOn3x%2FauLu%2B509lX4N3HxT9oxUCOZ6HGXjereS5SY2Xe0sE1qaq8nVMBOq5JF8CmVORcO5t6xnE5fvC2V2EFNyqjfP%2BjD8Y4AqQj%2FHH%2Bfp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ced9a037ba083b4-MXP
expires
Sat, 07 Jan 2023 06:42:06 GMT
style.min.css
filecr.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3782
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SN4ScSyQ9Dtxf6xBcZAOHY5P%2FK4%2Bv3jWLIdVdRC4I9MkkWvOQA7e84OsYL%2FdUDwXBMBH8cV4X1aaYpHYB6aGwBaM4YTCsBbR2rLOZWFZ9Ec0B3sFrcFuRfky5p8UPo4xFFiKuoyKxl3K"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6ced9a034f9f0dfe-MXP
style.css
filecr.com/wp-content/themes/filecr/ 		61 B
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/style.css?ver=5.8.3
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3782
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"19c-5cc72c9e32d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmapX%2FGiTxNvweTaMiSmsrrlhZ7z%2F52B9ljfr1kJqKQCHDH6WkWDXZgroEztAvJk64HznA923sR5R7%2FSKNjR0ZRaG45LOhYrE1dmqG2EYk4bbjFvOO3XjdXK3oCnywPEWHhk3uJiqVZM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=412
cf-ray
6ced9a034fa00dfe-MXP
cf-bgj
minify
style.min.css
filecr.com/wp-content/themes/filecr/assets/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/css/style.min.css?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
961
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-1adb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eegUChPwBCGg9DPKOkHBGc2rlCx4jbS%2FXIFmxMMxyUryMWJhNSxK4EZqxx7r1I6kRCNeEYcZAlqlGQptNoMO4tetjbH%2FUMkuhR3ogUdlPMFIintkaQeEVeUy6TDraNTUesmAngnZlVHa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6ced9a034fa10dfe-MXP
main.js
filecr.com/wp-content/plugins/wp-custom-parameter/js/ 		245 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/wp-custom-parameter/js/main.js?ver=1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3781
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 13:43:35 GMT
server
cloudflare
etag
W/"10e-5cc95b36c8687-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHg0joSbfY9gwuf4xQHd81crBC%2FKia8i0vDXFl2%2BQagcNoMzbYVznP4Kwg%2BQ7HQTImv8a3TTXMpeJzDV1JFolpYtZhIOfElh6lYEofl6oOE30debg8kf0i0RNC68kGHP6ZRVfCE1EQDA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=270
cf-ray
6ced9a034fa20dfe-MXP
cf-bgj
minify
jquery.min.js
filecr.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3781
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLRm7%2ByBW8M2ug3bLMdFgtnNOWjMJpOm0j7lS6uj8bk7HC62btB727zceqOScPY24DjPwnvFa3lwPxjdFcJ6GVKQdOFpnMenMVxLeThgAJUpQJoL9t2VCfJywp05TRedzbpWGQrCi0OX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a034fa30dfe-MXP
jquery-migrate.min.js
filecr.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3781
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdjcjFMR2XLxU2NOLrX8JSjRmAvyFmcKKS5vLoTN9aUw13M8umqaY7aMqv9yP0nMmTnHsZyX5pumx0Q49AROPCZWIIXVhHPqPS0Nsdl9Cb460OlkCmgxY4dHa6ScuDXWbfFunSqvoCN4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a034fa50dfe-MXP
advanced.min.js
filecr.com/wp-content/plugins/advanced-ads/public/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.30.5
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
961
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 09:45:33 GMT
server
cloudflare
etag
W/"61bc5c3d-29e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI%2Fq7O6hvLaWF5KWpe6qiYNXYXZwvSeeGOsAEejBW1%2FakksH7SCeFC7ipVKYkeQVvFCTp7N0tpb%2BCm8DUK3kqkjYvrmRXtpVjErk2goPuGwvrqj1tRqVJjpiVa7p1b4kpSybT7It29Kj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a034fa70dfe-MXP
dmedianet.js
contextual.media.net/ 		429 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU709Q2E
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0de8f122bf6190f1e241f4e5a70e1a7df49fec5fc55a452d81da1d3823e50ef
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-mnt-h
10-8
content-encoding
gzip
server
Apache
etag
"2ef383578f6fcc33c567c1db5e838b62"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 17 Jan 2022 06:42:06 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-34
expires
Mon, 17 Jan 2022 06:47:06 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c411a4cf06931ff34a527f0adf4d742854c3ee72b245ab288588cee43d41861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36489
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jan 2022 06:42:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8268f215e2495135c2a979ae839a3abe0c17a99d9d84007b81e1411f364eac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51978
x-xss-protection
0
server
cafe
etag
8023046908167449661
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:06 GMT
Wondershare-EdrawMind-Pro.png
i0.wp.com/filecr.com/wp-content/uploads/2021/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2021/01/Wondershare-EdrawMind-Pro.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
f4352515b6981f953c9e515d3707fa933bc74c5ee7239f4d2e4b222b775efd07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 16 Jan 2022 20:57:38 GMT
server
nginx
etag
"5c41178e4aeffa96"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/01/Wondershare-EdrawMind-Pro.png>; rel="canonical"
content-length
8292
expires
Wed, 17 Jan 2024 08:57:38 GMT
Office-2013-2019-C2R-Install-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/01/Office-2013-2019-C2R-Install-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
954efeeeed54c7209ca01cd3dc98fedc2f663eddc528a0dbe327b14cf0c7fac9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:15:52 GMT
server
nginx
etag
"f563b88b6979a859"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/01/Office-2013-2019-C2R-Install-logo.png>; rel="canonical"
content-length
3666
expires
Fri, 31 Mar 2023 01:15:52 GMT
Bootstrap-Studio-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2019/05/ 		828 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2019/05/Bootstrap-Studio-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7a5a93555a9ae33a15fcf3bdc1eed6ed7ea2caef8d6155da3168190b5d38c89a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:21:46 GMT
server
nginx
etag
"a83b9724065a7508"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/05/Bootstrap-Studio-Logo.png>; rel="canonical"
content-length
828
expires
Fri, 31 Mar 2023 02:21:46 GMT
Capture-One-20-Pro-Logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/10/Capture-One-20-Pro-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6d0678d80d8b1949a0ed1da581849420658f5dbb0fc02eb8464883076917f4ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:16:47 GMT
server
nginx
etag
"8f373e80e6ee3526"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/10/Capture-One-20-Pro-Logo.png>; rel="canonical"
content-length
10422
expires
Fri, 31 Mar 2023 01:16:47 GMT
Norton-Utilities-Free-Download.png
i1.wp.com/filecr.com/wp-content/uploads/2019/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/01/Norton-Utilities-Free-Download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
32e5001b17a48b617e837d3d9d688c58e0efd0410e42a4eee51f238a104f3302
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 14:00:45 GMT
server
nginx
etag
"696781e4e176a281"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/01/Norton-Utilities-Free-Download.png>; rel="canonical"
content-length
5284
expires
Sat, 01 Apr 2023 02:00:45 GMT
WYSIWYG-Web-Builder.png
i0.wp.com/filecr.com/wp-content/uploads/2021/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2021/09/WYSIWYG-Web-Builder.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ee42890701d480e6f92e0317494fc9533ae02cb222a0a43cba9c62a8ebcced2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 18:24:33 GMT
server
nginx
etag
"1d17f3f75c45c60b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/09/WYSIWYG-Web-Builder.png>; rel="canonical"
content-length
13536
expires
Fri, 29 Sep 2023 06:24:33 GMT
Icon_Symantec-Endpoint-Protection_free-download.png
i1.wp.com/filecr.com/wp-content/uploads/2018/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2018/12/Icon_Symantec-Endpoint-Protection_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
111d466a363d63abd31ac477919bb8746df933bfad404b24f137fa0fda70db6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:43:27 GMT
server
nginx
etag
"982035a16c639018"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/Icon_Symantec-Endpoint-Protection_free-download.png>; rel="canonical"
content-length
4650
expires
Fri, 31 Mar 2023 02:43:27 GMT
vuescan-logo.png
i2.wp.com/filecr.com/wp-content/uploads/2021/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2021/03/vuescan-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c06e66ec6aa3961a0dfa2afa4982b4c54af4ff82e67ec6c9ac66cd67b2185d9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:32:47 GMT
server
nginx
etag
"88dc21b84f3fe46c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/03/vuescan-logo.png>; rel="canonical"
content-length
12484
expires
Fri, 31 Mar 2023 02:32:47 GMT
polarr-photo-editor-logo.png
i2.wp.com/filecr.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2020/04/polarr-photo-editor-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
74702e2e052b4f1c01d693725269d1c42e3b3859a30a5af128037edbcb3ac4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 15:35:48 GMT
server
nginx
etag
"56f0b6e4d7df96b0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/polarr-photo-editor-logo.png>; rel="canonical"
content-length
1998
expires
Sat, 01 Apr 2023 03:35:48 GMT
teatv-logo.png
i0.wp.com/filecr.com/wp-content/uploads/2020/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/11/teatv-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
45d759f36d50ce11a943fea6ef65581345d0112491cb970eb5ea59c7eb61361e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:34:38 GMT
server
nginx
etag
"d42ab404c4080c2e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/11/teatv-logo.png>; rel="canonical"
content-length
2604
expires
Fri, 31 Mar 2023 01:34:38 GMT
3c-all-in-one-toolbox-icon.png
i1.wp.com/filecr.com/wp-content/uploads/2020/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/09/3c-all-in-one-toolbox-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ad0e979c5a9356bda8db0b396959b64de6acce6905c1672ced1ffd4d275d05aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 14:30:19 GMT
server
nginx
etag
"24288ac538dc861c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/09/3c-all-in-one-toolbox-icon.png>; rel="canonical"
content-length
2672
expires
Sat, 01 Apr 2023 02:30:19 GMT
Today-Weather-Logo.png
i1.wp.com/filecr.com/wp-content/uploads/2019/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/11/Today-Weather-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8b113a09b154db21844467b3fa42dbdf74557f3ed07bf8eb10f928123a024808
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 15:29:28 GMT
server
nginx
etag
"09a85606f14a6a99"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/11/Today-Weather-Logo.png>; rel="canonical"
content-length
1608
expires
Sat, 01 Apr 2023 03:29:28 GMT
SnapTube.png
i3.wp.com/filecr.com/wp-content/uploads/2021/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2021/05/SnapTube.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
bcaed03e08f7c64607442e34049408f9644e7f8742b7f6461b513afc207334dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 08:35:07 GMT
server
nginx
etag
"f6149f2d0f12cb63"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/05/SnapTube.png>; rel="canonical"
content-length
3326
expires
Sat, 27 May 2023 20:35:07 GMT
duolingo-apk-icon.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/duolingo-apk-icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2cb5ef98ed9a3c63e2986c9c90f21c4ba8ba28396343626a26811fd9d3bf7e40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:55:29 GMT
server
nginx
etag
"1142883deb97f67c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/duolingo-apk-icon.png>; rel="canonical"
content-length
1628
expires
Fri, 31 Mar 2023 02:55:29 GMT
psiphon-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/psiphon-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
885adf90cbd374aa089e03173990d608d5ff78aab43e98f9d7afe2819118fca1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:09:34 GMT
server
nginx
etag
"d3be616dfb69c085"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/psiphon-logo.png>; rel="canonical"
content-length
1976
expires
Fri, 31 Mar 2023 01:09:34 GMT
PhotoDirector-Photo-Editor-Logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/10/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/10/PhotoDirector-Photo-Editor-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e42f6b525b560f5a3fceea51b80b88c0fae967e1a7908cd8eb853714ced86625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:16:47 GMT
server
nginx
etag
"ada7d1e8f80c9698"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/10/PhotoDirector-Photo-Editor-Logo.png>; rel="canonical"
content-length
9688
expires
Fri, 31 Mar 2023 01:16:47 GMT
Microsoft-Office-for-Mac-2021.png
i2.wp.com/filecr.com/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2021/10/Microsoft-Office-for-Mac-2021.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c06481269ba2f82dc841852b295e6fbf33266267833b626a043ae8124bebd06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 17:10:05 GMT
server
nginx
etag
"73e657305fa0feb5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/10/Microsoft-Office-for-Mac-2021.png>; rel="canonical"
content-length
22182
expires
Sat, 14 Oct 2023 05:10:05 GMT
ON1-Photo-RAW-2021-logo.png
i2.wp.com/filecr.com/wp-content/uploads/2020/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2020/07/ON1-Photo-RAW-2021-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
119304315bf1eb923b7630c6392688ff2b6687ab7e33d37f29ba6fa1ee99c737
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:43:28 GMT
server
nginx
etag
"363334d7f173e2e7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/07/ON1-Photo-RAW-2021-logo.png>; rel="canonical"
content-length
5222
expires
Fri, 31 Mar 2023 02:43:28 GMT
Icon_4K-Stogram_download.png
i3.wp.com/filecr.com/wp-content/uploads/2018/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 16:25:23 GMT
server
nginx
etag
"7062f5e5d4dae892"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png>; rel="canonical"
content-length
3176
expires
Sat, 01 Apr 2023 04:25:23 GMT
icon_DxO-PhotoLab_free-download.png
i2.wp.com/filecr.com/wp-content/uploads/2018/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2018/12/icon_DxO-PhotoLab_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
acd669956964821a13f74ee0786b8d93b4a6a7c4507e5926dd9d741b239fb9a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:42:15 GMT
server
nginx
etag
"c91b3bcdac8cc37c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/icon_DxO-PhotoLab_free-download.png>; rel="canonical"
content-length
1382
expires
Fri, 31 Mar 2023 01:42:15 GMT
extension-feature-image.png
i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 11:51:17 GMT
server
nginx
etag
"d80f3bfe22caf697"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png>; rel="canonical"
content-length
10528
expires
Wed, 24 May 2023 23:51:17 GMT
script.js
filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.10.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
962
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Jul 2021 11:56:39 GMT
server
cloudflare
etag
W/"60e59677-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFyXw47GU%2Fl%2Fe5%2BgQkZz1NBmQWPylGVHMK%2FGORHvIlMz3YH8XiHLVpil0eiXYVxNEKespzw7DpWSnvye0zbl2OiJnIWd22RGILjFjNh7s6t7ilzJS6MymNpq8ndzXQwVVVw1VKn8H0Z4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2962
cf-ray
6ced9a03c8150dfe-MXP
cf-bgj
minify
ads.js
filecr.com/wp-content/plugins/deblocker/js/ 		126 B
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/deblocker/js/ads.js?ver=3.1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4950
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 21 Mar 2021 11:33:20 GMT
server
cloudflare
etag
W/"33f-5be0a50e9c000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0Zyh1sa6SMN8rpldEFLIkty4LcwfaX%2BSHI7y6jje45OPc%2BUwJSD%2BLwTTJUWz5%2BJMO%2FXw73NKY2Xw4V25DxRqb2GQMIq7gj4UUC5o6Ov%2FjQgOzMmfPEExBZ1m29qDXhMfQ7m1kf5Dclk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=831
cf-ray
6ced9a03c8170dfe-MXP
cf-bgj
minify
advanced-ads-pro.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
962
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-1620"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7SdvjyfKdXBNrWjpGyRQ4Uxb6%2BPfB22mA972c1iWtqXo9o4kAYUvu0svJ2P6ekjBDYickwE%2BD5IyRyC9myRX0mEQSJzQ5MEHXQQOr7IQHLWTXArAjiWNAXwk14jJVDdS2tAjdaUjbeN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a03d8190dfe-MXP
script.js
filecr.com/wp-content/themes/filecr/assets/js/ 		272 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/script.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-4d0f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmyIAOfrl8%2F3MHhCONZBHCTqHBPf2T2XutTgql4GeXRsH8o7FMij5bJd7OUhrOnyeATPM5COELQqMT%2FPjmIaH3IUzc0VFXjx0CdVevyD0F9crdsvFtCM5CYNmjUqySLrso13OZneFtJ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=315638
cf-ray
6ced9a03d81a0dfe-MXP
cf-bgj
minify
ratings.js
filecr.com/wp-content/themes/filecr/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ratings.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6074
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-f89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi8h3A1el%2FlTPGdRgBto6DpZjxW1blDLxqz8gM2RcTfz1NMB8cnz8mb2Kf%2FMyF5EFfJLGVL1UfRgdBewhTXbKH9exda4L9HSQ5WWGFbXCvWRL%2BgtSzc%2BtrwvzQe7nKAGi1vwfGIBlhWP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=3977
cf-ray
6ced9a03d81d0dfe-MXP
cf-bgj
minify
confirm.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/confirm.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-842"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIRZFCjvfDYkq%2FNw1P115he5AS%2F8B9tr9ArAgpT5hPxEDy1a%2B1%2FIfIPDYOpsA1SoubzGDIKrqYa1VECrfYFydJ5uc%2FuCqy7dtXIgzfFJjH6F1ZBIJ0eyIKY4pE7QO6XnVvqu9V874Wgq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2114
cf-ray
6ced9a03d8200dfe-MXP
cf-bgj
minify
ext-notification.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext-notification.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-88e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GA8RUDkwDSPO90tDBWQjNbBfiw8mWe3rEML%2FuqumBrDhs0yyljIGlfB5qHWaIY5iGkNmbCSJLRJJhDE019E3ibkw8dE50AgWue50sLV%2BnbM4MAipdBWXs2gZpRjBH7L%2Bhk8%2B3TWrlEfw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2190
cf-ray
6ced9a03d8210dfe-MXP
cf-bgj
minify
custom-front.js
filecr.com/wp-content/themes/filecr/assets/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/custom-front.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-47ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhDBvGvoPqCOC3rj60H3R9YTH1KQVehlCVrRVXiL1vUqEuxiFDQkoGcOP0Fsin6zY%2B0StW8mdaT%2B%2Bj2zQMo2h9lUwA3oQVST%2FjvpbFa7ze5o0Br0%2BQVLXTz3Fg37jGqmpdApSpnOJF6v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=18431
cf-ray
6ced9a03d8220dfe-MXP
cf-bgj
minify
ext.js
filecr.com/wp-content/themes/filecr/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-36a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJCYntw3i3Rnb52ThR7AlQgqS6FvGww7GoVyfKoXnDFI4k6cW9PoSEcoghiMmOTw6xXCUnyKWQR2rMaQ1Y7Tj1l9RZ56hkRNIvX0Vcf9njO90VIA20nlOxgU85B1KcWMSiu%2FtAyjpo8r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=13986
cf-ray
6ced9a03d8230dfe-MXP
cf-bgj
minify
base.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
962
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-11df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTvU3n9%2BVU%2FLOYpUE5d1YbVXV8wtk%2FPvzyYrPH7ROuLynPW5uHOaLB6O%2FpthQ9OMaLEcgIgn9DcdEhwzTiT%2FO10fH1RyuF3ZLHDvf1R7VeKo0WL5vaJ2ftkjXsa%2FiJ9MvgW6LYLlNdEQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a03d8240dfe-MXP
wp-embed.min.js
filecr.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6073
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
cloudflare
etag
W/"5ff5d754-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPuyE2zjkq5iQAXQStRk6gkA9xfJXP%2F6BUcu6Vot1g5jostNno8YpFqww%2BiLvhaKtfqLuVmPehOTz3Z8Sk1mAvTnSaNLnrBKpEEi6N1F63XlLgye7JPFSYPQfpacNWvMHy6nb0s5V8vy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a03d8250dfe-MXP
wp-emoji-release.min.js
filecr.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5365
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsyrRc%2Fhs137K2dUKZTnaGik8tinwV9xYz1MeV93tNS0%2F43PQznTcf%2BoBPoXS9ETAhJntQStLP5mQ61cboI0MOc8YyI7EXN5cyM2hoBZUBHjZ6zkQ88Ssqj5yjXRqKg%2BSwoL7cQcRbRA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6ced9a03d8260dfe-MXP
filecr.js
cdn4.buysellads.net/pub/ 		560 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
88b6e462f7f0a541cc653eb4ed59a2a19928be059f699bb55404c0c4b74fa46e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 18:49:06 GMT
server
NetDNA-cache/2.2
x-amz-request-id
002G4PACPX8RBVBG
etag
W/"32fff5d2c83248049bea3a9e7f55d2fb"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
m7eCJS6xxiWaj5n+FXdywEbHgg2TH06SrMz/mJaTqNLfDNDUI/C4NfGXnWaECP/qhkeFjv9Dadk=
expires
Thu, 12 Jan 2023 06:42:06 GMT
Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
996122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30064
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-7570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjoV5P7%2B0sJpZpM1TBLC%2BXiuu8Dw7ELd6m0pnXZJuCKHap2A%2F%2Fa%2Ff750rfdSCBpmIgTqR6Lpg93f5Lh0CizERrZAIwNpeympDHE3SxXpiDGlcVnkhSDsSqM7PBC9h1anmZ7FWLChby6verJHx8szW%2Bro"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ced9a04290f59e3-MXP
expires
Sat, 07 Jan 2023 06:42:06 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
comm
webcrx.io/extension/ Frame 2E41 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webcrx.io/extension/comm
Requested by
Host: filecr.com
URL: https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTefj52kkbWXhvYuu6SXlUiZmJd8Ng3HqFaihQJvsP9lk0LMgtGEYFYLvQdRW%2BPZVf699AbUq0iGSoV6kji2jgc%2Fn7umkpfB1SY8m3Z3CECTgabac%2BXYwM9AH%2BEC%2F4eTYEUyL4pMix4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ced9a05d80c83b2-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d07a67c130919e9cf64bfb30fd7a196e14bb3c469c19de3e08debde52b0672c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51981
x-xss-protection
0
server
cafe
etag
4703133995348163826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:06 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/ 		278 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc63319416d7b81a7c4da618d75ec674707eaa6b79c89d171fa31b9a2594635a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102629
x-xss-protection
0
server
cafe
etag
8165968128240070270
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 0250 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Mon, 17 Jan 2022 02:05:13 GMT
expires
Mon, 31 Jan 2022 02:05:13 GMT
cache-control
public, max-age=1209600
age
16613
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6060
date
Mon, 17 Jan 2022 05:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 17 Jan 2022 07:01:06 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26979
x-xss-protection
0
server
sffe
etag
"1104 / 302 of 1000 / last-modified: 1642206167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Jan 2022 06:42:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		214 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=filecr.com&callback=_gfp_s_&client=ca-pub-3553508983172692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b92ae5e7b73cb9ce6e4a051be2db3e894ec57c731c1f04cfb5ae948180cddf56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tn=DIV&id=site-alert&cls=alert%20fixed&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B6D2 		154 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1642401726&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726340&bpp=3&bdt=402&idt=113&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4039045377573&frm=20&pv=2&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=95&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
648f7cf407900f2e498ddfe9877165ea8cd6c728a76e1bdae7d62cce77592852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Jan 2022 06:42:06 GMT
server
cafe
content-length
42233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 06:42:06 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BD8C 		95 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fabd7048680553d7858f52cd265cb8c817aca93fbd8d37bce33f67d850d34020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Jan 2022 06:42:06 GMT
server
cafe
content-length
31717
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 06:42:06 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1291787499&t=pageview&_s=1&dl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&ul=en-us&de=UTF-8&dt=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1820135919&gjid=700337492&cid=163598038.1642401726&tid=UA-139662474-1&_gid=1682613035.1642401727&_r=1&gtm=2ou1c0&z=1837710866
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FF47 		86 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e63131bacad41fd7253ecad93f16341b3b572ce7dfe808119e72f1b5e948cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Jan 2022 06:42:06 GMT
server
cafe
content-length
29757
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 06:42:06 GMT
cache-control
private
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 00:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Jan 2023 00:15:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filecr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45
x-xss-protection
0
expires
Mon, 17 Jan 2022 06:42:06 GMT
localstore.js
script.4dex.io/ 		483 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
934747
x-amz-request-id
tx866870b037e0440b86325-0061d6cc60
x-amz-id-2
tx866870b037e0440b86325-0061d6cc60
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92jnc6a0FxjONQuXLd2IzT3kCmG2HWzPbXEkbpWy8Y4rQ6z4VFF7PsjvxNm9aw4eJi4zrC6XR6K7419lLBBvjyice%2F9tbhTdDIz8Flhx4AdQy6mpkq0EyjChcVxnRg7S4oPHGSO8Ux%2Fp1eJ7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1638788436623244
cf-ray
6ced9a07cda8375f-MXP
adreq
ads.servenobid.com/ 		597 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1431
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
14a39db74c26db85fcc99a558830bf5418330add4b214838edc95dab71e7d3db

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://filecr.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		611 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f9565cbb9865ccfbc15a1c0aefdc3f162dee2f37343f209f117e53e73e75b681
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 17 Jan 2022 06:42:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb6510c8-2140-4628-82f2-d0a1a8790e49
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tmax=900
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&CanonicalUrl=https%3A%2F%2Ffilecr.com%2Fen%2F&PublisherDomain=https%3A%2F%2Ffilecr.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
6000657b05d6f39e5fa69ac2d8654c5c06d3679a87d541e604835e6f2e976fc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280b04cd001d&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ee2736408c1e827244ce263e68e6531729d95d91524b2412c0435ace5fe51045

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1bd5fe4781cc8469ab49d022f844a9ad852146998af61da661821b98631c4db4

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
916f95aab27db27c31734b1e4046ba49c450f47b13372f01f1717957d964fd6e

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280be73c001e&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9f592387f66450e218293b2463bffd2e3e17fa1845b3aba97ad2b49a589319cd

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691a0017c7c2769342812c4ac0020&pos=8a969d17017c7c2764ee28140f1d001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ebddbe0c94a9b05eeaf99ef48a61501d39604165df332ad582e27ca95eb5a1b3

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f4ad7ba581345581bd301ba579eab4b9c302de6d48500ebe035af043c9dfdc41

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280c36f30017&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c01b4faf83772b08fd6c24d8a0b1fb7a36d7001720272b40026cc28041ab25bb

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4038594ce974eb1639deb8e33c3f2f2a41cc0156ac709abd5127f5844523dc39

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e384b930ed245da708a4c5f659f27bd6403e4daaca630481e4741e15f180cc6c

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9dc71a2cc4e8793bd49c23b266917e4412075d7eaa9a9e2f1c5e73a3414fbb44

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
prebid
mp.4dex.io/ 		99 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e43ed9cdd65380344ceb930783193e502e3f95b6246bf660bebd76c8e99105

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ced9a07ee84f92f-MXP
pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1642401726651&secure=true&version=9&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&measurable=true&bids[0][bidId]=479ee59c4b46b6&bids[0][config][property]=6115725d81c45d000f945f3e&bids[0][config][zone]=FileCR_S2S_Leaderboard_ROS_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=4895d7d0002f0bb&bids[1][config][property]=6115725d81c45d000f945f3e&bids[1][config][zone]=FileCR_S2S_Sidebar_Right_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=600&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[2][bidId]=497be6d0e1a9322&bids[2][config][property]=6115725d81c45d000f945f3e&bids[2][config][zone]=FileCR_S2S_InContent_ROS_Pos1&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[3][bidId]=508cf088c583fe4&bids[3][config][property]=6115725d81c45d000f945f3e&bids[3][config][zone]=FileCR_S2S_InContent_ROS_Pos2&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=5127c3b7a1ab285&bids[4][config][property]=6115725d81c45d000f945f3e&bids[4][config][zone]=FileCR_S2S_InContent_ROS_Pos3&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&property=6115725d81c45d000f945f3e&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f83cbe88d973681a0fe73b5ef74754aadfb307cc4447c685993230a06151fb91

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:06 GMT
x-powered-by
Express
etag
W/"38-SQZwahA86T+fUZ5q1Sp9ymv7CY0"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tk_flint=pbjs_lite_v4.43.0&x_source.tid=ec822906-9369-4cb6-83c3-da1ffeaa0c24&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4701143226449138
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a822b9455b872d829a1db0959065d0714797a32059c07dfe080541529c7e2116

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tk_flint=pbjs_lite_v4.43.0&x_source.tid=c5e1e819-bb71-4e59-9da6-3142bbe8fdf4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8570113789432996
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
838139869b7bc1df3ee13809b3c78ee34a21df019e9eb6cdee5b259d3c0f03fc

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tk_flint=pbjs_lite_v4.43.0&x_source.tid=e71e2b7f-52ac-451c-9068-e400eb7b8ecb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6528475303733015
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7fb5ba4eecb1ba70b4ddd48dfe4c0d0c37e8bbdd83cf891a412f622f58450754

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tk_flint=pbjs_lite_v4.43.0&x_source.tid=029bb257-c1b2-46bf-8e44-e23c1285f7e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8127731887321115
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c0007c453001645a4a4c30e34795d62ecb14cc09e1c68765fe46e7312f99b738

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&tk_flint=pbjs_lite_v4.43.0&x_source.tid=c0270ecd-00f8-47f3-aa99-a1a42d1544e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35427822801490993
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0e220e2bb80cd194c12b29df68f7e7fad22a89aa167fc866c421be555a3e3903

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.210.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-210-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Mon, 17 Jan 2022 06:42:06 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.210.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-210-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Mon, 17 Jan 2022 06:42:06 GMT
access-control-allow-credentials
true
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://filecr.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=83009438128
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
934741
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txe4fe067028d840c1bdb26-0061adede6
x-amz-id-2
txe4fe067028d840c1bdb26-0061adede6
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSn%2BTWLWkEGC6DBtpLs1JVt9yAopew8MujMkpTrwTgr886uUlZwXmIYRmxpQI8BA%2FRZvKxedJJddOTF950pcrByeI6k0blHRXQy%2BtCWy7Nx%2BVcC7HxWgyHvyfPgjeBK%2Bf5MzV6Uq%2FDz0BDgZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6ced9a082f6d5a13-MXP
access-control-allow-headers
Authorization
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
824a9e9f562ccbb94360a456dd7e1a3fd5eb285d3f4112cde92c6a4a437772b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54126
x-xss-protection
0
server
cafe
etag
7363369068189570739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:06 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame 8A7C 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Mon, 17 Jan 2022 02:57:35 GMT
expires
Mon, 31 Jan 2022 02:57:35 GMT
cache-control
public, max-age=1209600
age
13472
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame FF47 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:48:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame FF47 		1 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:40:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame FF47 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:30:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame FF47 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:32:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF47 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame FF47 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:04:27 GMT
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame FF47 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16327740663205770740/ Frame FF47 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16327740663205770740/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f7d77eedbf82b1e32dbd607f0cc62c4f5f194ea83c807ad21616c6ea5e34ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:48:00 GMT
x-content-type-options
nosniff
age
456847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7693
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 11:52:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Jan 2023 23:48:00 GMT
truncated
/ Frame FF47 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame FF47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVPMJvg_lYaaDIpqR1fAPgcaUoAebi-XdY5jEy6bUC86_1PiLDhABINXClHVgleKQgqAHoAHFh4XvA8gBCakCNPC05zUnsz6oAwHIA8sEqgT0AU_QN802e8r2ajWyiKDVihfoj3kC1ir-emjwVWCemkAbWc65t7beFMs1RKBC3qTjXU7TERSZQ-Ll4Kh5ITpLUGUy1u1IF3fW3_iZdI6FTkGSRm-2l--1-ZN4-3W5Ax3oYHykNUgIIHcULdNwO8hgSXh-Qu-GWRCfQ_lkfD0dybOiqNwyO2MZhjZ30pWlfDs7LbLpOlydilCUUidI6m40DsnfGqhIv2jYJPIM2pAl1dfbgl-LDwd-KYcfVZbUnVwxC8aV7H1DlTWnXuUnwn1REglGr6rzUp8cndneVHgtd8CD82SS6gnpkxi8-ill08qWiTNLW6HABM2t7LbrApIFBAgEGAGSBQQIBRgEoAYugAej-PoQqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQv7EO0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUB9AVAYAXAbIXHAoaCAASFHB1Yi0zNTUzNTA4OTgzMTcyNjkyGAA&sigh=4qg83S1Gpzw&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 17 Jan 2022 06:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 17 Jan 2022 06:42:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		242 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4482607639925597&correlator=451688048650040&output=ldjh&impl=fifs&eid=31063823&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220117&iu_parts=8691100%2CFileCR_S2S_Leaderboard_ROS_ATF%2CFileCR_S2S_Sidebar_Right_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos2%2CFileCR_S2S_InContent_ROS_Pos3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C160x600%2C728x90%2C728x90%2C728x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508894724-7_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508935810-9_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629214863639-0_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215045012-3_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215230348-3_123456%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dfilecr&cookie=ID%3D01bdd175e247b250-2220b47e1fcd0069%3AT%3D1642401726%3ART%3D1642401726%3AS%3DALNI_MYO8UWjwRZUplcWfVwE9qlIzzKLSQ&bc=31&abxe=1&lmt=1642401727&dt=1642401727064&dlt=1642401725938&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1073%2C200%2C200%2C200&adys=3100%2C453%2C522%2C1540%2C2558&adks=1202396793%2C1436553605%2C1058625133%2C1413693914%2C3977682169&ucis=1%7C2%7C3%7C4%7C5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&vis=1&scr_x=0&scr_y=0&psz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&msz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=true&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C0%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5f6f2b3052be8ba78f0217bd14403580a97cd15087f1a941742b0121b72feac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53234
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filecr.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B8C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 17 Jan 2022 06:42:07 GMT
expires
Tue, 17 Jan 2023 06:42:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame BD8C 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:46:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BD8C 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:30:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame BD8C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BD8C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD8C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BD8C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame BD8C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
css2
fonts.googleapis.com/ Frame 8A7C 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:50:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8A7C 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 16:53:32 GMT
x-content-type-options
nosniff
age
49715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 16 Jan 2023 16:53:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8A7C 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:28:09 GMT
x-content-type-options
nosniff
age
26038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 16 Jan 2023 23:28:09 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 8A7C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8089
x-xss-protection
0
server
cafe
etag
17106604058346595485
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:33:33 GMT
truncated
/ Frame FF47 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7322920f4ee2cd9da512d5800084633615395fe53b063ea0cfd61d69daf606a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame BD8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6IWPvg_lYf6QIJT63gPpz7eABrqUjPFml5CG3q0Jp9b98aEREAEg1cKUdWCV4pCCoAegAfzLytIDyAEJqAMByAPLBKoE9AFP0MepfnEmUIIxJksfUx9gra0OjOl45fsXofgMpnOw09hXvLhDGWEKAe_pCSSgDCSrdHiVZu8zet9LsuxLjgwtVaCz3mvvmzdveq_sW0u2kiPVEZCUIUr6W6LaoEpKFAGsWy2h5PjNSEebZeszl-mlq-78wBZQBqDMoOgnkFJ9KlJoFJdwffAOJ_3XxoQUfSTgSoUngwXJqiw2cKnVzsCUhszno6lzPF3-SKTSvlHcpz9_n02eAG0d1UZD7Ba9Tlj9rYatp7iYlEyWQJoRpKBPRy2C4gAdtu7pmbBuZ0Cg4RtPHVDfCTAgRoF3P_4cy_ohH0nwwASqv9OFjgKSBQQIBBgBkgUECAUYBKAGLoAH7LO1LagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELX2K9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1MzUwODk4MzE3MjY5MhgA&sigh=yBiMYvB8Eb4&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 17 Jan 2022 06:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/10612575303464415187/ Frame BD8C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10612575303464415187/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41794f6797cb26bbd539f53c4b4487d1e4a27371621fc6cfb47b017e65df5fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:55:31 GMT
x-content-type-options
nosniff
age
215196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19193
x-xss-protection
0
last-modified
Fri, 17 May 2019 15:09:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Jan 2023 18:55:31 GMT
truncated
/ Frame BD8C 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BD8C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FF47 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:56:24 GMT
x-content-type-options
nosniff
age
503143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FF47 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 20:07:29 GMT
x-content-type-options
nosniff
age
470078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 20:07:29 GMT
css
fonts.googleapis.com/ Frame 56EF 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:42:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 56EF 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:30:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 56EF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 56EF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56EF 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 56EF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame 56EF 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
truncated
/ Frame BD8C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7428476a4adfddb546daa3c61d0d47f018fe2769f429a7154eaab0dde06f4bd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BD8C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 10:56:24 GMT
x-content-type-options
nosniff
age
503143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BD8C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 20:07:29 GMT
x-content-type-options
nosniff
age
470078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 20:07:29 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7558 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Mon, 17 Jan 2022 06:02:43 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 09F8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=2822486017&adf=1720881028&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726346&bpp=1&bdt=408&idt=184&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yiAUZ2NGCP&p=https%3A//filecr.com&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 8812 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=4019461616&adf=425726982&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1642401726&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401726343&bpp=3&bdt=405&idt=159&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4039045377573&frm=20&pv=1&ga_vid=163598038.1642401726&ga_sid=1642401726&ga_hid=1291787499&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738%2C31064081&oid=2&pvsid=4482607639925597&pem=598&tmod=525&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iE4H89zLI6&p=https%3A//filecr.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dbf9d021e5475b0ef9d7751b121a5fca5c02e2f08f946a8faa984935e07eb33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8703
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7558
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 17 Jan 2022 06:42:07 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 06:42:07 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 17 Jan 2022 06:42:07 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 9F3A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Jan 2022 06:42:07 GMT
container.html
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A274 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 06:42:07 GMT
expires
Tue, 17 Jan 2023 06:42:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 673D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 06:42:07 GMT
expires
Tue, 17 Jan 2023 06:42:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111152338000/ Frame 4D99 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55581
x-xss-protection
0
server
sffe
date
Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8559bae154d80579"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Jan 2023 22:08:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 4D99 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Jan 2023 22:08:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 4D99 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Jan 2023 22:08:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 4D99 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Jan 2023 22:08:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 4D99 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Jan 2023 22:08:52 GMT
truncated
/ Frame 4D99 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8738f5128361d906f573de7214567b512e751ab094d4668e6e103aa443b6fe53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
container.html
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 944D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 06:42:07 GMT
expires
Tue, 17 Jan 2023 06:42:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D12B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 06:42:07 GMT
expires
Tue, 17 Jan 2023 06:42:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
8847096314685480132
tpc.googlesyndication.com/simgad/ Frame 4D99 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8847096314685480132?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmAv3SfukudjL73SM2PVDrCKWEq7Q
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
803c9f605a135389db61d95e51c42329605472af402ca0dc7c00103ff9c8c333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:32:03 GMT
x-content-type-options
nosniff
age
389404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25396
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 11:12:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 18:32:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4D99 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
75629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 17 Jan 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4D99 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
74942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 17 Jan 2022 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D99 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdnv8vw_lYeDNCJLa7_UPpoKjmAXW7ePhZtjG8fv1DqGuqbfYKRABIPzf6BlglZKfgrAHoAGLlJCBA8gBAuACAKgDAcgDCKoEkwJP0CQLUmkLAK2I00dEYJgohaDaecR-8czI37Yj4T582-s20lxwaaJzEnBBA6lOOeLA2k_LP2KEi_MvzEfkad6a0ZjbvRq6tDnzaQ1Q8EQQtWk6rzsf4-SCucQzccNKMB-nGfjNG4atZaEDbB5JVTChk53BMmbPLMrkJP3Zo1JkBIG-MNfG-MBUr9CiLh8taOjjIfBi1ymT6Ni6DoaVL8P63fEhpxD8g8QhkWFUQplBvlAreoRO4ReaMYmU8Q3o2XBwZvP9zdJIK87Cg5WlcRcCx0uqzxi7OGM77h2sFWL_NJd3KBQ99Rln29W3kVF_wt6x1sdpOy0RVES38TY_fQGdVV6EZwWZ7pZqH7rcaEiXm3w5y8AEqb61oukD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB93r736oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCZ1QnSCAkIgOGAEBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=qWD25Oyna5Y&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94734831744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F30 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 00:54:31 GMT
expires
Tue, 17 Jan 2023 00:54:31 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
20856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C876 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3867083981befa13f81ddd8f02cb34e44b67de6ad62dd4e9a4dc9d8e21058f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AM9lf3l2MNVV4592izOWag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 17 Jan 2022 06:42:07 GMT
date
Mon, 17 Jan 2022 06:42:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AM9lf3l2MNVV4592izOWag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
syncframe
gum.criteo.com/ Frame 15E1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1769
date
Mon, 17 Jan 2022 06:42:06 GMT
content-length
4160
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Jan 2022 06:42:07 GMT
css
fonts.googleapis.com/ Frame A274 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:50:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame A274 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:30:13 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A274 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmB7Vvw_lYd7NCJLa7_UPpoKjmAWKo5jmZ83WubX2DIyLhZ4LEAEg_N_oGWCVkp-CsAegAeDG-pYDyAEJqQI08LTnNSezPuACAKgDAcgDmwSqBJQCT9ApNILtb2imJ3uCji4PiuSODI3Q0pn1OPf_3k_pKUihuxP4ytOwU0_nLd1VTG14H8DTkxDe0Eo7PF77fhtqntnv9Jh1f-H2L9uZ7znR0mZjAA9OVArBQNMQ3fK0O-TRWgcZhUBH_AOkUGXSuOh9UsfTwqzZDABt-_Ppl4pb01MpNWFLh2OlXjsWdXaIRYFrr-l3Hl6dwaf_ZjlinJUPtU_aHWAHK4iFoFBhImDq1PtbZ-rWxSPkqUwLw2KAcg7uCVaAidE0yMWy3X1mfvDsfvCAT1JhDvpI6mUVrB9zeoANZEQCU1EEL7nHxZ2nruPy5gHIioW6zlmybvTc1lW77zjXEUJWd2Vx1KR4m1mpa5BUPKKUwAS1mvL6pAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-ISXIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBC-kgfSCAkIgOGAEBABGB2ACgPICwHYEwuIFAPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=9bdnknbcCJI&uach_m=[UACH]&template_id=494
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame A274 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame A274 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A274 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame A274 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
l
www.google.com/ads/measurement/ Frame A274 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuDSwHWClFVBklCTTKW-itWP4JvhtqdwKxtXe-gpfhQXGSMfMbRIn2lY82aMdGHdO43CBMO0sKgq70gbObE5Mk20lmNw
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame A274 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A274 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRMRHYoNyEvwCm13dzh8wYy0UM7O7HRaB1CxeW4ppK9jFhskF90GPmIpwD2eA&usqp=CAI
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66435edb579006becfdef95cf1022edfd13d4d7c09bbdc142bd38924cb54f293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 01:03:46 GMT
x-content-type-options
nosniff
age
452301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21944
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 14:27:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Jan 2023 01:03:46 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A274 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS4gZ4s0hQnOq3LCHR8-x6xjVnXMIvAvwpWmCrglxibuVIvYy8Dz2QNpK3Dtw&usqp=CAI
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02c5f050cc94d8316f95eba619abd3cccda98f18297cdd45d78d8201cd32daca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 23:12:47 GMT
x-content-type-options
nosniff
age
113360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20355
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 13:12:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 15 Jan 2023 23:12:47 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A274 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQlxwwvurVcX8l05kM5GylElls_XJVu60GQrgtbHMilO_RYAY4f0WQG9adtOw&usqp=CAI
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6436ca320f88073f092d4a9fdda0f5d78d0a248530e7cea8e2a3bce277bf1945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 06:53:48 GMT
x-content-type-options
nosniff
age
85699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29177
x-xss-protection
0
last-modified
Mon, 11 May 2020 11:14:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 06:53:48 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A274 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRyEjUWjyBbEGFvDUJXS2-54X8ppWBpEJ-g_GrDGPwhc6KiGpJDIjUvL9QfTCE&usqp=CAI
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c66ed449331651827905509e3a8052cdd8e4c68c29795f0161ab4808bd93ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 13:14:32 GMT
x-content-type-options
nosniff
age
62855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20846
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 05:43:12 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 13:14:32 GMT
6572644254404355299
tpc.googlesyndication.com/simgad/ Frame A274
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX27PFbhDoBxjoBzIIpAVBO9dPPOk
  • https://tpc.googlesyndication.com/simgad/6572644254404355299
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6572644254404355299
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da04b183f0c2f30f338427c543e8e50ab9bc23b21c51601b6e02cd365588d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:12:25 GMT
x-content-type-options
nosniff
age
260982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27442
x-xss-protection
0
last-modified
Wed, 29 Jul 2020 20:06:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Jan 2023 06:12:25 GMT

Redirect headers

date
Sun, 16 Jan 2022 23:09:16 GMT
x-content-type-options
nosniff
server
cafe
age
27171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/6572644254404355299
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 15 Feb 2022 23:09:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 33C6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 17 Jan 2022 06:42:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 673D 		72 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CipSoUYte8a5SK4faF18Q6NkIOh-oUJnSx7qkh0XVe7HitKfQUkrDwM3EeQ_KgCsDqN9m8LWWO7385zldyt6Rq0LWlqYrkaejAXyhQo7W5lTeolwHFzJ4WlrBfhpt5Si__DCHZXfkfyUfj8021OitfjP8pYQ&dbm_d=AKAmf-DcqX4zXiaAPK34UGZ35Wbrj3_HIGK8Jy_2GdyRkhxaTn2mdGEYYyAPekBQc9ZMULCwoEgnpmrwSE-758P9EogbRbBq5zSwMse-ddzzWPRfElFrpny_1nxXCB6z9Ix-KE6G_atLYyl51-xS3ArJ3mwGB873QifGqUlzZdDz3m-FafQ8ooU_n0Vcm5bzb9VysgJ3sorBiXcXsnkHWDqkfg31_XaukQynNpnGqhRoUrI8_7T9X4IjDooKutuDR3KIl4eie4Dbke7c23jPH_lAoVcuj9I-2JVQ0IPf7jifBtmS0QGEKGTWD8TIFlwiwRlI4O5aaQPWqmbsUFgBdiZqne9Sd0OfBCcY-lID-gUhdzb9LwkztIDAo2zZF7slLS03B37m7WHY5g7rxVLGVCilW5dsakAbdvgVuMIKE-i6P6CjUKEbhcwv_jKEW2GtmjVvN2ZvGrerBOvYBTabX3PIs_J9WFdgDX8l2xTGH843uOSt1F1ajVREHF-lViidE3MosrBbw_uA5XoGbPGMHEdxlBfENQiQKZaqU7eEjReCbs7QdGHOs3n4U2f2h7d9Etj80Kz89KJFZDA8TIomqFBBMN6Q3c-A1eC2AgAEod3T8NUyPJjGZAVF-5E0RNja2O3T0-RCyBqVweGqm7QDeCFuTlGJM4qkwyL3Eg0hY_Vq3Xkzj263K9bWzDjRgJZUyKgeFJtV4oFByLchsmU5nVFIjZVf4_SrGSouGNjISTtpXQ7k-DAcpXWMRivJX1wOO22YThUygdVuSUrVNNdkiZvsP4UVtYyL2749WuG266gwBP5fI_IeAF6TJ9LgjJiks9F02fJDJMvKNMP-X-3d8ttlmOceJNMoIRARACjX-7n9_eqto6F0mJ2Gmt4soW4W1ujTkGbxExGeSxUkQVVXBF7DYrdCdANgoT9YWOeC7zr3vyHS6HI1MmtjQ7OqH1euqLeK0jmX8B_CBTo_PqUJ8VRElqr7r3vWARoQbglu8qq1IxUGGfRKnzbJ9d9pi54p6CZ1u5qtx4liVLUKrEKhz8WxEHQv6s1ASXunviYCBDJWgvN2bonqv2W6Yt9yYVJYjA6i0lK7bFpuO2xhdk1R_nuwaUJRHj_LBLg9MZujk3Tcmf6AgkfsGHotiHbFZkOtQA1snuI4AvFsYRVFC2a1TW4l9E20rTKcHAAlB2wkMdZPumvhhb9Ep7BL993L8unPe4aEcasSTlXDDmqK0Ly4tqwQpeaxpSjZSLiE_dUYN-ns40uqWWoyIl2UTKQ5m4vlRRzoiadEDT50KKxBTX8esNqMtny6ed_O-0bRPklYqpqPxcAdLHFnGHz-LeywayxIou6LXyXaLghNkuQdbk9yV_KWgOhSzmHxwssoemcyqWgClmJwJZAxGcFhXDGlEgnsQxefJvUA8W22_e44RMmBt29MZMVCu4NFKLM0_Lo1YVb7Epd153PKcQGrenGuTHJWQ7eUdbO_g4AYRkMIsN519tzYlbkJbQSLEIbq4ji1as2ZOfFnb22q_V_GdqMDdSyOLaIUYOXvB8mh_fNHHZ-rX6I3Dd1eos6XQ0ralxBeM7vSV_Oa0hmO2We_8ea1putIoTo7gvxukcARa76f8F-TUdXPUf0gHxpdVMtDSG_XekNcIy7e9FhPS4qylKIEA192PvLmjcsX1uOWxl5_RhKyyNeRMMt4xs92nC89IvogARsKx5jcd-QLz7Tchro4jSwiZf2ndPvjSkmlCI9bv-Cxa_jme6I4Fxk07qwT1mmMkzLRhe_vfnMUXnyKPqRp_NhmtJpwrPuDg0ozG7b6GoUtIZMex7YG-2GXv4OD-FbAnG7jNW6HysqzUZ3hWcYIJDOu4QKCxQVTUZ6XP3490WW7TVhT_kFTd124nl9WT0y9SbgAZUxil3Ki6tS9_D3qrCx7o9ycVe4LCc-m0zTQOLUx6zbBLhge1IHsJ-5WEvvR8NpcwmZInyHcHG7OnUp_oOk8lz6j5CUmnjGYke5d3mDfKBETAZ3ilCLI5FwyaamZ8IgDksO7L-obs6nHRZAqn7HcXRjsCqOMFiQIxa8Fbidn1yMH6MLH608ZmORlPCtjkWu4762vtnIo2cGRs9e9fK31M0KVFMpQGc_KPZdIcyyRyzx0AQ1RVDx23a92mvvq__YJXmwRjaRgfUESFiFNjDpSd7JwTGEhcW8WC0hoseMwMiBn3l0_2rlWZuRDZR2AlK42FVqvMuBgeXTScMoaVY9SHEk4U4oD_b1wy4JHBJO5jibcrgtzql7Vr721c0Bqn6HmIeOFcgAu1LCKyLgK4F_XkCnpMuvVQF76bJvU8LiIH1f7IQmlgffEJojsaiZxBytWCLjkSFEDEwNRunHh92dqM5V3YrHLXbnMQLbBlBlAGo3V-_frZaZ-3pGBxvQy5ItU07XYbD7Kgnb-ue-CaaB6YtbGy2Fa_BIlyg_U8myL8qxD6WYBwgpQEAdVH5oisTN4jjQEs8HoB--8dlBOEPrk3c4eqvVy7vl611kBAn3S_LeAlO1ruePvj5WdmuBK09XNa84qNrrHL0I-hHdzybO6Tyd3HD1O_1Xy6x8yU6IAHZmCK5-Shl-aXMfvwtlrE8koL0N6FNFY0SD0jJhMpC9XdJSYQwhmh736HlmwdKd1V-GnhLO85ltNEZGPhRhH_-MyB94ddmxJ5yALFHmA-mg_7PGd7koow8iI7XC7vc-MMUHBH8i-6pNDdCcmn3Xlc9RkHG6-mdjskUbMI6lIPi0prDOk9bFvOPyzP78agxQER9yxGvqDox0L7Vb8-VWSIRgmDM4kE1dASkpr1wwNmuDb03uiknSexH-jf_grRH_X8CFhCAwM0ljgmGqK5U1xTXBS34weOUdHNWgPHUV03kS-DMwgwCc5_ueDC6N8qayUyMfLbEvQj0JplF6I9wty66QYy_nS1YT9otSgDfOCSJNAM-CSC3U1vZky0Gqs6kHi0I3GsmBWmU_d3EnIkyQmALYOOJF-0CcHPibjo6H2GtJaEy0Mhw6ftA98EnQD0P_2uiEFPlXnXJAxc2lFSxh2hzrFmR5kqQTvNtyiQ0Oh0T5djOfvcp5RwT47LlU4oTdVlMATXSU1IGZIh5kSW8n9vz5KpllZbdDAMBH8A4vkPGD0MQa4BOKGuOuqOmcezgc49nnF7u8aqUXC3A&cid=CAASEuRoZPtSxyuKhcQPad2YS9Ji1A&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a110ff47a2d14c8c8141a5a1c9ab1b50b28406af5d0b4683ca33adde49409a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30440
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 673D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A62RcevrIeR7_pQxSSb5fWqbPS-hamMIvqwCYYnxvo1Vq-qIR-hh8zWETDFsVrLmaAHQnYRpXFoOcaGORiIeLjILd7cXRj2cKajhd19i5UIdF5N3A
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 673D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 673D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 673D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
l
www.google.com/ads/measurement/ Frame 673D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRSjgsMZfjU6k33SL4O7P_5J3_k20A2uIB_tlSBbq372VDlD3Q6X0Z1rOgRgJmRwjO_2Kq8e9kUIhGx9KQ9aoetGPK2A
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 944D 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 04:46:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 944D 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:30:13 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 944D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIwnvvw_lYeHNCJLa7_UPpoKjmAWKo5jmZ83WubX2DIyLhZ4LEAEg_N_oGWCVkp-CsAegAeDG-pYDyAEJqQI08LTnNSezPuACAKgDAcgDmwSqBJYCT9CSZLNvyEeGY-oR0vmZFt39Hp791FGMxEUB-_kOfyEa21zx0Um93kbDDGJo_Lw-BoE4V-60W8CkidEPOV0ZCsH1qE7Xckw86j_0CBaOmgqc9zc_oX5Ix7MG68QuNnfUHkASeu9IQbx-6v3VD8Q7lZDjNNiUAlSkiQRPyRf3jBeAO4fA8PRcsXFuC16DTw4aiylV5_2OjSmJa_jUEgp2Hh2nFr9Am46H7pzKSLZdZ02TlqXpDw6-oapuV0a4SRILCKVxvs51_qqIWpfvkDR6AbiotBJvMcNVvmbC42jeFXCkO2Cn79WbtZOiLHQXV1IWEV7VfMagRofFUZHja5gGfbX08dA8upvDeuc5xZ23TQ3TT1oSfC7ABLWa8vqkA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf4hJciqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEPS-AtIICQiA4YAQEAEYHYAKA8gLAdgTC4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0GJyTDw&sigh=fMfB7V8u-2I&uach_m=[UACH]&template_id=494
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 944D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 944D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 944D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 944D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
l
www.google.com/ads/measurement/ Frame 944D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtuVtvHRqjn514sjnkDvjrGaz3FMIBZDsm-HuWoSzTKodM2yIWfFMrNilW7dFCHHLiH-cVJRmVrGE2zEhQpK5ius_nMw
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame 944D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9423 		491 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-HspcCENqrlawCGJmomrEBMAE&v=APEucNXzaBwN9QM94gbxlB9in6OSQ2cjRTjXXUGHZtqcLgJKJCL2tt-YmBuerk732V6130GFVi-oDdcoNqBhoiuWQ-WylR4KrL7H7pGEkGI5nEmGZEtYsrg
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 17 Jan 2022 06:42:07 GMT
server
cafe
cache-control
private
content-length
308
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D12B 		75 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZRhBwSvG7gTcADWjoCnOrJDhD8eSZmUSeFDyrb6dYw3hPLEeprMJwXSphxJ2io2dGRhwOHCZRjs4xFzY80vLWiQZ105DIJvqp-0LRK6C4Hr1YTKAal5XxGAUbplPkAeqw8PcEONZBn3YoxejznmQHJqHhCw&dbm_d=AKAmf-CXj0BpepxqyjymczdC6CBVgtwK0PIOpJQNV5wDbWWkizEWLiygH4XxFNTgygjMpl2z7yVWZt4cL9XYX8jneujviG2WGZ8Eqn9R7d-GOqiACGIqM03tVNJR9t7ZHGk6H_RaKRSs4Hwvl1H_R7N3HXL7eDOXfa4NRJh3HCUWUgVLLtgEp4szH9PIuYwsr8GsSRo-62YtD4a8gf3Ra_wSHPs1HHHFQzgP5P9ItLJk80itSuRmwQ0WKXn-A3wsaeK8myRQw-16tXuKS54EGggfMIRWMMFIGAyMylBRb0uC5VHI7hwIstjxCq0k2m91jq-ktUlSVRSRuiJIZgamNY9Ox2NOtacilwBFtnP5lDghDfhE_2ZRAHohNW6pcmczO2BBeENNwk_lehglw-Ky6S1KPHFnmfLGwdVa1c8BHn0rXdvhk2CahxJ6u0561JJS_lVmiHKJckx26mgd1VOKNKCmUWVBZOjq_ocpWOe72NKiabA26chlBflcm3IviebS9WlVX6kdGSfML_BUOo_0Y5iK5bMnWS1EsuVnzJ5BE8QmAifZGcSYHC0C7kcb6pLE6uQ9cTEOxYcFBv91W5sXwxmAUktin3UzXOAPy6XXXuYEA6H6vkICJxkfwhRFylBmC5qhHRGG6Nq5t_wndFTUynmSyW49z-doe8uKll9TuhsS-IOtWwPkeGYdrJh9SJQK4kuSbwMz1i5wTAeYrEKI386m9YoL5NYKYpD9Fs0CDnYM6K5tQWElq1BGoKkScrfxB9hQYCeYvwHmOq4g18Z4XdPAx2LVfyvxdv_Nbj-I0Lb1yVdOCgE1hlSLOQ4DR5tx0aC7BSw_CFuIK1MBmLDRe8cYNQ3JccdbnnN93907jEtki7rUOoUpiI0Uud_VZXW4JEcIGJOfhUmu0dHL3D5aAJyGLSSpNc3jMOmt4jXHOAB835O2R3_RaeRgVoZzkzYaQG701YnFIOs1y7Pqays2fBTQdrnC5neluAuUmJxbzKnGGNtnNOFPzCkBgN9SWWKoOhwx1bo3gLyDRXEzLLKqg6Q_yQPqfe6racbx4zsMCtdeWgme9hGSqaMy4qywi9BS5cj3LN40WzME-KVakq8ZPJzDP_mASKAogdvTMRcWVh95PUKDpb8CEcq3_KqsKWW73mhBcWCefmCIjB_sl9MXoyjpCUk9uHIEunJHkjnFDvYopk11CbzK71erWo92AxqxDdd8ivcqPeiybmNzTv0WNqRe_bOc_YDZP8IASICyH4emYcuapEeCBc11a7QVDx21ItNskrhI_u7IUuKm1SC4MDLE2zRfOpyq7wnxjwvrj3n9pcdsN1c2OGZhsywbMVxjmcan-CC3Y_kFtQWy77hdd73UBupiYkCfSGDTTOeKi8fEfdeSTmy_Cwg_M8q9h28Vaf271Xg8T0tqx8SMScHtPbeg6AQOLLcNDyRSKB8auIwteXmkrWe04SDFgLjfEyVEZylYR1lwsw2YU7iRlAPJE9CgYNgW9o6Wau259_sroMPcV4bhWUb7Ob5niOWjNzVz6tvEulc2pjSnOpAxH0MmWWkGbNI1TDQ27ePVEKVXCV_ytO9j9_X6SOc3ntT4HI6dHdaccJguj5lvUeoHrZ1GSVW8zeS3SDXe4R_ZarAAODUNqPuPvBeamJBvsrOXtim2F6U8BKJDZvtjmElF-QW7lcpQl6FK0rBN7OGFM7rRAKuY8YPljdssW-3Cb_z892HXcyjXak35Pb88r57TRZPfcCkl2Zz4h1Yob-EhNPY0KlmrwYAo2dIFQgwRNJgW7YEi24XB2uS7AdN4gmfuLFetr0QCD6n7FFQZ9kS3bAOfQlAONsktbLZbhCwWDQ-LA8R0y3GLo8xdkNP7zUrjXDP-Lxq8ozRKL4laaecwP6Jr7i5dO2mnwsMgmZeMYFWi7GkxgeBXketLw7z5FSGUR-XudtmpSxRuJ8sULAyXPrqwDZ26SPVE3hrfAOyvNAjNtNrsiKUCXIIKCvTTHGclTMIo5epGUIUlRHsG3s3hhu7mBtnJIlbMs3qKJLUnQ0mTJuSmdV3OI8fTz6VkCQax3Lfu4ZeYtsu043Ek3eWcyZV3fzGooKy_G709oNZnEHIbqw0pVZ5__cLuChB1f990KZMp3Zem25IZPeaSdX37qsNOzUIVFHqHIDRUcIwsiqWKcNKpmQbn-A5hYj9V6Q-MoTqLYItDcLD6BGGoxbJU3BcJoKuqW7uP49gqo5CR1pLc8P_yJiZbtoBtxja01twEkawRnzGKE9odPj2uNTaexSTjoaK41Bl_q09jBBFeWtI36pUen7ip1W-NIBiNcl79rTSP3VoF6bEPvx19nn007v-Er_P0tHd1k1fYrqZVJPRgl9EVMxO8mt1TysYptHVR0m56WM9rN9LdYluDKaowXIYbCwhjzaF-5PEVX1YzQMqgy1lcBAdizk5s2BSJuZF0bL3JLdgabiG56SkbUzTpcq9_gv15XDapCzCT8Jkv0lY0cbNu72EacI_hjtGMD0fyXsxXm8XhS_fCpnwkYJjKtQQUF7R4LCIk2ZU2hj1MEg8nfkeC9BLsBESWwUczvx1v58nM0KanN5BhRp0XzI2OkvVADyR7pvDFGMwd6I0M0488X0QoqwW-EaIhg7F-TGAQbDxpW5L-_eFgnVf1PXw96fTkieBlOt3ZpXqwle6XJRGhDzBO7rlCi6uFds34Q0WAgTPLuMJ3x5cUJGow12dPqRILqUZaO1dfKRRC0na22F41ysOYA3bJ5dlMvI8QR-gna6QrrSzT4hiuIyyCXID3PMnnz6KCctV6rWm8OELubznTYzsziEDRsZJQchi7Ng7D3478Ow1l3yKRmPUYTe2bvZ7V7B6Ns6fRHSven3OVFG5kRKgKfp6tIJybzO6YBkvouK2JvqjnkR4fx6h6M6JmoxnL7hmfdmp9w04dtUylGDkVXbAVtU72TRcAAuQ3ml03wnUu3sqlmkjmfyyrbtGWfJt0nbJpZJwfXJZ1IoNlbn88BonBLBR5pVVqqHGb_oVR-6T6OntoHGKX7_hB1vgkBj_k_7TwHQFvbrA-hcgnLNbnjgWjbIDBCJ2aH4jGkJmUr2XVOGF9k8OH1K9n3gq7ynyD0q_CjywjLlktFb8&cid=CAASEuRoYTBtezH9dwdFJSZP-Eyhsg&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2be0ff5e87328b847db47c3d052196266daa6e33d17cd847143511eab0022bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31165
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D12B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_pHl4qFfsyh2z3vsfwkmRSL_BapVfZhNBZvP_WiAoc332UY16t38lof8nLKrUvXFHpy4yL-Tz3fEouLHlEB4XbqjFOTprOJYOUtQb_lUYc2TaEl0
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame D12B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D12B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame D12B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:36:04 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 944D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS4gZ4s0hQnOq3LCHR8-x6xjVnXMIvAvwpWmCrglxibuVIvYy8Dz2QNpK3Dtw&usqp=CAI
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02c5f050cc94d8316f95eba619abd3cccda98f18297cdd45d78d8201cd32daca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 23:12:47 GMT
x-content-type-options
nosniff
age
113360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20355
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 13:12:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 15 Jan 2023 23:12:47 GMT
6572644254404355299
tpc.googlesyndication.com/simgad/ Frame 944D
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX27PFbhDoBxjoBzIIpAVBO9dPPOk
  • https://tpc.googlesyndication.com/simgad/6572644254404355299
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6572644254404355299
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da04b183f0c2f30f338427c543e8e50ab9bc23b21c51601b6e02cd365588d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:12:25 GMT
x-content-type-options
nosniff
age
260982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27442
x-xss-protection
0
last-modified
Wed, 29 Jul 2020 20:06:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Jan 2023 06:12:25 GMT

Redirect headers

date
Sun, 16 Jan 2022 23:09:16 GMT
x-content-type-options
nosniff
server
cafe
age
27171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/6572644254404355299
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 15 Feb 2022 23:09:16 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4D99
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 17 Jan 2022 06:42:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
8847096314685480132
tpc.googlesyndication.com/simgad/ Frame 4D99 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8847096314685480132?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmAv3SfukudjL73SM2PVDrCKWEq7Q
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
803c9f605a135389db61d95e51c42329605472af402ca0dc7c00103ff9c8c333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:32:03 GMT
x-content-type-options
nosniff
age
389404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25396
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 11:12:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 18:32:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4D99 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
75629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 17 Jan 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4D99 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
74942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 17 Jan 2022 09:53:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C876 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=4482607639925597&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 673D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Origin
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 20:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 20:53:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 673D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CipSoUYte8a5SK4faF18Q6NkIOh-oUJnSx7qkh0XVe7HitKfQUkrDwM3EeQ_KgCsDqN9m8LWWO7385zldyt6Rq0LWlqYrkaejAXyhQo7W5lTeolwHFzJ4WlrBfhpt5Si__DCHZXfkfyUfj8021OitfjP8pYQ&dbm_d=AKAmf-DcqX4zXiaAPK34UGZ35Wbrj3_HIGK8Jy_2GdyRkhxaTn2mdGEYYyAPekBQc9ZMULCwoEgnpmrwSE-758P9EogbRbBq5zSwMse-ddzzWPRfElFrpny_1nxXCB6z9Ix-KE6G_atLYyl51-xS3ArJ3mwGB873QifGqUlzZdDz3m-FafQ8ooU_n0Vcm5bzb9VysgJ3sorBiXcXsnkHWDqkfg31_XaukQynNpnGqhRoUrI8_7T9X4IjDooKutuDR3KIl4eie4Dbke7c23jPH_lAoVcuj9I-2JVQ0IPf7jifBtmS0QGEKGTWD8TIFlwiwRlI4O5aaQPWqmbsUFgBdiZqne9Sd0OfBCcY-lID-gUhdzb9LwkztIDAo2zZF7slLS03B37m7WHY5g7rxVLGVCilW5dsakAbdvgVuMIKE-i6P6CjUKEbhcwv_jKEW2GtmjVvN2ZvGrerBOvYBTabX3PIs_J9WFdgDX8l2xTGH843uOSt1F1ajVREHF-lViidE3MosrBbw_uA5XoGbPGMHEdxlBfENQiQKZaqU7eEjReCbs7QdGHOs3n4U2f2h7d9Etj80Kz89KJFZDA8TIomqFBBMN6Q3c-A1eC2AgAEod3T8NUyPJjGZAVF-5E0RNja2O3T0-RCyBqVweGqm7QDeCFuTlGJM4qkwyL3Eg0hY_Vq3Xkzj263K9bWzDjRgJZUyKgeFJtV4oFByLchsmU5nVFIjZVf4_SrGSouGNjISTtpXQ7k-DAcpXWMRivJX1wOO22YThUygdVuSUrVNNdkiZvsP4UVtYyL2749WuG266gwBP5fI_IeAF6TJ9LgjJiks9F02fJDJMvKNMP-X-3d8ttlmOceJNMoIRARACjX-7n9_eqto6F0mJ2Gmt4soW4W1ujTkGbxExGeSxUkQVVXBF7DYrdCdANgoT9YWOeC7zr3vyHS6HI1MmtjQ7OqH1euqLeK0jmX8B_CBTo_PqUJ8VRElqr7r3vWARoQbglu8qq1IxUGGfRKnzbJ9d9pi54p6CZ1u5qtx4liVLUKrEKhz8WxEHQv6s1ASXunviYCBDJWgvN2bonqv2W6Yt9yYVJYjA6i0lK7bFpuO2xhdk1R_nuwaUJRHj_LBLg9MZujk3Tcmf6AgkfsGHotiHbFZkOtQA1snuI4AvFsYRVFC2a1TW4l9E20rTKcHAAlB2wkMdZPumvhhb9Ep7BL993L8unPe4aEcasSTlXDDmqK0Ly4tqwQpeaxpSjZSLiE_dUYN-ns40uqWWoyIl2UTKQ5m4vlRRzoiadEDT50KKxBTX8esNqMtny6ed_O-0bRPklYqpqPxcAdLHFnGHz-LeywayxIou6LXyXaLghNkuQdbk9yV_KWgOhSzmHxwssoemcyqWgClmJwJZAxGcFhXDGlEgnsQxefJvUA8W22_e44RMmBt29MZMVCu4NFKLM0_Lo1YVb7Epd153PKcQGrenGuTHJWQ7eUdbO_g4AYRkMIsN519tzYlbkJbQSLEIbq4ji1as2ZOfFnb22q_V_GdqMDdSyOLaIUYOXvB8mh_fNHHZ-rX6I3Dd1eos6XQ0ralxBeM7vSV_Oa0hmO2We_8ea1putIoTo7gvxukcARa76f8F-TUdXPUf0gHxpdVMtDSG_XekNcIy7e9FhPS4qylKIEA192PvLmjcsX1uOWxl5_RhKyyNeRMMt4xs92nC89IvogARsKx5jcd-QLz7Tchro4jSwiZf2ndPvjSkmlCI9bv-Cxa_jme6I4Fxk07qwT1mmMkzLRhe_vfnMUXnyKPqRp_NhmtJpwrPuDg0ozG7b6GoUtIZMex7YG-2GXv4OD-FbAnG7jNW6HysqzUZ3hWcYIJDOu4QKCxQVTUZ6XP3490WW7TVhT_kFTd124nl9WT0y9SbgAZUxil3Ki6tS9_D3qrCx7o9ycVe4LCc-m0zTQOLUx6zbBLhge1IHsJ-5WEvvR8NpcwmZInyHcHG7OnUp_oOk8lz6j5CUmnjGYke5d3mDfKBETAZ3ilCLI5FwyaamZ8IgDksO7L-obs6nHRZAqn7HcXRjsCqOMFiQIxa8Fbidn1yMH6MLH608ZmORlPCtjkWu4762vtnIo2cGRs9e9fK31M0KVFMpQGc_KPZdIcyyRyzx0AQ1RVDx23a92mvvq__YJXmwRjaRgfUESFiFNjDpSd7JwTGEhcW8WC0hoseMwMiBn3l0_2rlWZuRDZR2AlK42FVqvMuBgeXTScMoaVY9SHEk4U4oD_b1wy4JHBJO5jibcrgtzql7Vr721c0Bqn6HmIeOFcgAu1LCKyLgK4F_XkCnpMuvVQF76bJvU8LiIH1f7IQmlgffEJojsaiZxBytWCLjkSFEDEwNRunHh92dqM5V3YrHLXbnMQLbBlBlAGo3V-_frZaZ-3pGBxvQy5ItU07XYbD7Kgnb-ue-CaaB6YtbGy2Fa_BIlyg_U8myL8qxD6WYBwgpQEAdVH5oisTN4jjQEs8HoB--8dlBOEPrk3c4eqvVy7vl611kBAn3S_LeAlO1ruePvj5WdmuBK09XNa84qNrrHL0I-hHdzybO6Tyd3HD1O_1Xy6x8yU6IAHZmCK5-Shl-aXMfvwtlrE8koL0N6FNFY0SD0jJhMpC9XdJSYQwhmh736HlmwdKd1V-GnhLO85ltNEZGPhRhH_-MyB94ddmxJ5yALFHmA-mg_7PGd7koow8iI7XC7vc-MMUHBH8i-6pNDdCcmn3Xlc9RkHG6-mdjskUbMI6lIPi0prDOk9bFvOPyzP78agxQER9yxGvqDox0L7Vb8-VWSIRgmDM4kE1dASkpr1wwNmuDb03uiknSexH-jf_grRH_X8CFhCAwM0ljgmGqK5U1xTXBS34weOUdHNWgPHUV03kS-DMwgwCc5_ueDC6N8qayUyMfLbEvQj0JplF6I9wty66QYy_nS1YT9otSgDfOCSJNAM-CSC3U1vZky0Gqs6kHi0I3GsmBWmU_d3EnIkyQmALYOOJF-0CcHPibjo6H2GtJaEy0Mhw6ftA98EnQD0P_2uiEFPlXnXJAxc2lFSxh2hzrFmR5kqQTvNtyiQ0Oh0T5djOfvcp5RwT47LlU4oTdVlMATXSU1IGZIh5kSW8n9vz5KpllZbdDAMBH8A4vkPGD0MQa4BOKGuOuqOmcezgc49nnF7u8aqUXC3A&cid=CAASEuRoZPtSxyuKhcQPad2YS9Ji1A&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:27:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:27:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 673D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CipSoUYte8a5SK4faF18Q6NkIOh-oUJnSx7qkh0XVe7HitKfQUkrDwM3EeQ_KgCsDqN9m8LWWO7385zldyt6Rq0LWlqYrkaejAXyhQo7W5lTeolwHFzJ4WlrBfhpt5Si__DCHZXfkfyUfj8021OitfjP8pYQ&dbm_d=AKAmf-DcqX4zXiaAPK34UGZ35Wbrj3_HIGK8Jy_2GdyRkhxaTn2mdGEYYyAPekBQc9ZMULCwoEgnpmrwSE-758P9EogbRbBq5zSwMse-ddzzWPRfElFrpny_1nxXCB6z9Ix-KE6G_atLYyl51-xS3ArJ3mwGB873QifGqUlzZdDz3m-FafQ8ooU_n0Vcm5bzb9VysgJ3sorBiXcXsnkHWDqkfg31_XaukQynNpnGqhRoUrI8_7T9X4IjDooKutuDR3KIl4eie4Dbke7c23jPH_lAoVcuj9I-2JVQ0IPf7jifBtmS0QGEKGTWD8TIFlwiwRlI4O5aaQPWqmbsUFgBdiZqne9Sd0OfBCcY-lID-gUhdzb9LwkztIDAo2zZF7slLS03B37m7WHY5g7rxVLGVCilW5dsakAbdvgVuMIKE-i6P6CjUKEbhcwv_jKEW2GtmjVvN2ZvGrerBOvYBTabX3PIs_J9WFdgDX8l2xTGH843uOSt1F1ajVREHF-lViidE3MosrBbw_uA5XoGbPGMHEdxlBfENQiQKZaqU7eEjReCbs7QdGHOs3n4U2f2h7d9Etj80Kz89KJFZDA8TIomqFBBMN6Q3c-A1eC2AgAEod3T8NUyPJjGZAVF-5E0RNja2O3T0-RCyBqVweGqm7QDeCFuTlGJM4qkwyL3Eg0hY_Vq3Xkzj263K9bWzDjRgJZUyKgeFJtV4oFByLchsmU5nVFIjZVf4_SrGSouGNjISTtpXQ7k-DAcpXWMRivJX1wOO22YThUygdVuSUrVNNdkiZvsP4UVtYyL2749WuG266gwBP5fI_IeAF6TJ9LgjJiks9F02fJDJMvKNMP-X-3d8ttlmOceJNMoIRARACjX-7n9_eqto6F0mJ2Gmt4soW4W1ujTkGbxExGeSxUkQVVXBF7DYrdCdANgoT9YWOeC7zr3vyHS6HI1MmtjQ7OqH1euqLeK0jmX8B_CBTo_PqUJ8VRElqr7r3vWARoQbglu8qq1IxUGGfRKnzbJ9d9pi54p6CZ1u5qtx4liVLUKrEKhz8WxEHQv6s1ASXunviYCBDJWgvN2bonqv2W6Yt9yYVJYjA6i0lK7bFpuO2xhdk1R_nuwaUJRHj_LBLg9MZujk3Tcmf6AgkfsGHotiHbFZkOtQA1snuI4AvFsYRVFC2a1TW4l9E20rTKcHAAlB2wkMdZPumvhhb9Ep7BL993L8unPe4aEcasSTlXDDmqK0Ly4tqwQpeaxpSjZSLiE_dUYN-ns40uqWWoyIl2UTKQ5m4vlRRzoiadEDT50KKxBTX8esNqMtny6ed_O-0bRPklYqpqPxcAdLHFnGHz-LeywayxIou6LXyXaLghNkuQdbk9yV_KWgOhSzmHxwssoemcyqWgClmJwJZAxGcFhXDGlEgnsQxefJvUA8W22_e44RMmBt29MZMVCu4NFKLM0_Lo1YVb7Epd153PKcQGrenGuTHJWQ7eUdbO_g4AYRkMIsN519tzYlbkJbQSLEIbq4ji1as2ZOfFnb22q_V_GdqMDdSyOLaIUYOXvB8mh_fNHHZ-rX6I3Dd1eos6XQ0ralxBeM7vSV_Oa0hmO2We_8ea1putIoTo7gvxukcARa76f8F-TUdXPUf0gHxpdVMtDSG_XekNcIy7e9FhPS4qylKIEA192PvLmjcsX1uOWxl5_RhKyyNeRMMt4xs92nC89IvogARsKx5jcd-QLz7Tchro4jSwiZf2ndPvjSkmlCI9bv-Cxa_jme6I4Fxk07qwT1mmMkzLRhe_vfnMUXnyKPqRp_NhmtJpwrPuDg0ozG7b6GoUtIZMex7YG-2GXv4OD-FbAnG7jNW6HysqzUZ3hWcYIJDOu4QKCxQVTUZ6XP3490WW7TVhT_kFTd124nl9WT0y9SbgAZUxil3Ki6tS9_D3qrCx7o9ycVe4LCc-m0zTQOLUx6zbBLhge1IHsJ-5WEvvR8NpcwmZInyHcHG7OnUp_oOk8lz6j5CUmnjGYke5d3mDfKBETAZ3ilCLI5FwyaamZ8IgDksO7L-obs6nHRZAqn7HcXRjsCqOMFiQIxa8Fbidn1yMH6MLH608ZmORlPCtjkWu4762vtnIo2cGRs9e9fK31M0KVFMpQGc_KPZdIcyyRyzx0AQ1RVDx23a92mvvq__YJXmwRjaRgfUESFiFNjDpSd7JwTGEhcW8WC0hoseMwMiBn3l0_2rlWZuRDZR2AlK42FVqvMuBgeXTScMoaVY9SHEk4U4oD_b1wy4JHBJO5jibcrgtzql7Vr721c0Bqn6HmIeOFcgAu1LCKyLgK4F_XkCnpMuvVQF76bJvU8LiIH1f7IQmlgffEJojsaiZxBytWCLjkSFEDEwNRunHh92dqM5V3YrHLXbnMQLbBlBlAGo3V-_frZaZ-3pGBxvQy5ItU07XYbD7Kgnb-ue-CaaB6YtbGy2Fa_BIlyg_U8myL8qxD6WYBwgpQEAdVH5oisTN4jjQEs8HoB--8dlBOEPrk3c4eqvVy7vl611kBAn3S_LeAlO1ruePvj5WdmuBK09XNa84qNrrHL0I-hHdzybO6Tyd3HD1O_1Xy6x8yU6IAHZmCK5-Shl-aXMfvwtlrE8koL0N6FNFY0SD0jJhMpC9XdJSYQwhmh736HlmwdKd1V-GnhLO85ltNEZGPhRhH_-MyB94ddmxJ5yALFHmA-mg_7PGd7koow8iI7XC7vc-MMUHBH8i-6pNDdCcmn3Xlc9RkHG6-mdjskUbMI6lIPi0prDOk9bFvOPyzP78agxQER9yxGvqDox0L7Vb8-VWSIRgmDM4kE1dASkpr1wwNmuDb03uiknSexH-jf_grRH_X8CFhCAwM0ljgmGqK5U1xTXBS34weOUdHNWgPHUV03kS-DMwgwCc5_ueDC6N8qayUyMfLbEvQj0JplF6I9wty66QYy_nS1YT9otSgDfOCSJNAM-CSC3U1vZky0Gqs6kHi0I3GsmBWmU_d3EnIkyQmALYOOJF-0CcHPibjo6H2GtJaEy0Mhw6ftA98EnQD0P_2uiEFPlXnXJAxc2lFSxh2hzrFmR5kqQTvNtyiQ0Oh0T5djOfvcp5RwT47LlU4oTdVlMATXSU1IGZIh5kSW8n9vz5KpllZbdDAMBH8A4vkPGD0MQa4BOKGuOuqOmcezgc49nnF7u8aqUXC3A&cid=CAASEuRoZPtSxyuKhcQPad2YS9Ji1A&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:39:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 33C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 06:42:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 33C6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeUPwFJpIr37fKYA181AEQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 06:42:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBwWBIwxYrPGfPPOAsMCkTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 33C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEK_0YQ8TGAvN1SdpsYx5h4&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEK_0YQ8TGAvN1SdpsYx5h4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:08 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1455e0c0-fec1-44ba-944b-a0ecc2480189
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEK_0YQ8TGAvN1SdpsYx5h4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 33C6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwMTg2MDQ0MzE2NzQyODQ2Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwMTg2MDQ0MzE2NzQyODQ2Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjX-rO-ATAB&v=APEucNUMh4ZpmPls8_sbvEeFvbuO3LmgE7k_8XYoYECowf-lazsnWIBV9m4EUh4RKPd3FN17oWT1Y4pWGP2j2ISe3jNFfK1qgrRfIZTTmC7ZDTFqL5brSeE
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:08 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
991839a6-120f-4f62-9122-cd008bea0ff7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwMTg2MDQ0MzE2NzQyODQ2Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D12B 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Origin
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 18:05:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame D12B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZRhBwSvG7gTcADWjoCnOrJDhD8eSZmUSeFDyrb6dYw3hPLEeprMJwXSphxJ2io2dGRhwOHCZRjs4xFzY80vLWiQZ105DIJvqp-0LRK6C4Hr1YTKAal5XxGAUbplPkAeqw8PcEONZBn3YoxejznmQHJqHhCw&dbm_d=AKAmf-CXj0BpepxqyjymczdC6CBVgtwK0PIOpJQNV5wDbWWkizEWLiygH4XxFNTgygjMpl2z7yVWZt4cL9XYX8jneujviG2WGZ8Eqn9R7d-GOqiACGIqM03tVNJR9t7ZHGk6H_RaKRSs4Hwvl1H_R7N3HXL7eDOXfa4NRJh3HCUWUgVLLtgEp4szH9PIuYwsr8GsSRo-62YtD4a8gf3Ra_wSHPs1HHHFQzgP5P9ItLJk80itSuRmwQ0WKXn-A3wsaeK8myRQw-16tXuKS54EGggfMIRWMMFIGAyMylBRb0uC5VHI7hwIstjxCq0k2m91jq-ktUlSVRSRuiJIZgamNY9Ox2NOtacilwBFtnP5lDghDfhE_2ZRAHohNW6pcmczO2BBeENNwk_lehglw-Ky6S1KPHFnmfLGwdVa1c8BHn0rXdvhk2CahxJ6u0561JJS_lVmiHKJckx26mgd1VOKNKCmUWVBZOjq_ocpWOe72NKiabA26chlBflcm3IviebS9WlVX6kdGSfML_BUOo_0Y5iK5bMnWS1EsuVnzJ5BE8QmAifZGcSYHC0C7kcb6pLE6uQ9cTEOxYcFBv91W5sXwxmAUktin3UzXOAPy6XXXuYEA6H6vkICJxkfwhRFylBmC5qhHRGG6Nq5t_wndFTUynmSyW49z-doe8uKll9TuhsS-IOtWwPkeGYdrJh9SJQK4kuSbwMz1i5wTAeYrEKI386m9YoL5NYKYpD9Fs0CDnYM6K5tQWElq1BGoKkScrfxB9hQYCeYvwHmOq4g18Z4XdPAx2LVfyvxdv_Nbj-I0Lb1yVdOCgE1hlSLOQ4DR5tx0aC7BSw_CFuIK1MBmLDRe8cYNQ3JccdbnnN93907jEtki7rUOoUpiI0Uud_VZXW4JEcIGJOfhUmu0dHL3D5aAJyGLSSpNc3jMOmt4jXHOAB835O2R3_RaeRgVoZzkzYaQG701YnFIOs1y7Pqays2fBTQdrnC5neluAuUmJxbzKnGGNtnNOFPzCkBgN9SWWKoOhwx1bo3gLyDRXEzLLKqg6Q_yQPqfe6racbx4zsMCtdeWgme9hGSqaMy4qywi9BS5cj3LN40WzME-KVakq8ZPJzDP_mASKAogdvTMRcWVh95PUKDpb8CEcq3_KqsKWW73mhBcWCefmCIjB_sl9MXoyjpCUk9uHIEunJHkjnFDvYopk11CbzK71erWo92AxqxDdd8ivcqPeiybmNzTv0WNqRe_bOc_YDZP8IASICyH4emYcuapEeCBc11a7QVDx21ItNskrhI_u7IUuKm1SC4MDLE2zRfOpyq7wnxjwvrj3n9pcdsN1c2OGZhsywbMVxjmcan-CC3Y_kFtQWy77hdd73UBupiYkCfSGDTTOeKi8fEfdeSTmy_Cwg_M8q9h28Vaf271Xg8T0tqx8SMScHtPbeg6AQOLLcNDyRSKB8auIwteXmkrWe04SDFgLjfEyVEZylYR1lwsw2YU7iRlAPJE9CgYNgW9o6Wau259_sroMPcV4bhWUb7Ob5niOWjNzVz6tvEulc2pjSnOpAxH0MmWWkGbNI1TDQ27ePVEKVXCV_ytO9j9_X6SOc3ntT4HI6dHdaccJguj5lvUeoHrZ1GSVW8zeS3SDXe4R_ZarAAODUNqPuPvBeamJBvsrOXtim2F6U8BKJDZvtjmElF-QW7lcpQl6FK0rBN7OGFM7rRAKuY8YPljdssW-3Cb_z892HXcyjXak35Pb88r57TRZPfcCkl2Zz4h1Yob-EhNPY0KlmrwYAo2dIFQgwRNJgW7YEi24XB2uS7AdN4gmfuLFetr0QCD6n7FFQZ9kS3bAOfQlAONsktbLZbhCwWDQ-LA8R0y3GLo8xdkNP7zUrjXDP-Lxq8ozRKL4laaecwP6Jr7i5dO2mnwsMgmZeMYFWi7GkxgeBXketLw7z5FSGUR-XudtmpSxRuJ8sULAyXPrqwDZ26SPVE3hrfAOyvNAjNtNrsiKUCXIIKCvTTHGclTMIo5epGUIUlRHsG3s3hhu7mBtnJIlbMs3qKJLUnQ0mTJuSmdV3OI8fTz6VkCQax3Lfu4ZeYtsu043Ek3eWcyZV3fzGooKy_G709oNZnEHIbqw0pVZ5__cLuChB1f990KZMp3Zem25IZPeaSdX37qsNOzUIVFHqHIDRUcIwsiqWKcNKpmQbn-A5hYj9V6Q-MoTqLYItDcLD6BGGoxbJU3BcJoKuqW7uP49gqo5CR1pLc8P_yJiZbtoBtxja01twEkawRnzGKE9odPj2uNTaexSTjoaK41Bl_q09jBBFeWtI36pUen7ip1W-NIBiNcl79rTSP3VoF6bEPvx19nn007v-Er_P0tHd1k1fYrqZVJPRgl9EVMxO8mt1TysYptHVR0m56WM9rN9LdYluDKaowXIYbCwhjzaF-5PEVX1YzQMqgy1lcBAdizk5s2BSJuZF0bL3JLdgabiG56SkbUzTpcq9_gv15XDapCzCT8Jkv0lY0cbNu72EacI_hjtGMD0fyXsxXm8XhS_fCpnwkYJjKtQQUF7R4LCIk2ZU2hj1MEg8nfkeC9BLsBESWwUczvx1v58nM0KanN5BhRp0XzI2OkvVADyR7pvDFGMwd6I0M0488X0QoqwW-EaIhg7F-TGAQbDxpW5L-_eFgnVf1PXw96fTkieBlOt3ZpXqwle6XJRGhDzBO7rlCi6uFds34Q0WAgTPLuMJ3x5cUJGow12dPqRILqUZaO1dfKRRC0na22F41ysOYA3bJ5dlMvI8QR-gna6QrrSzT4hiuIyyCXID3PMnnz6KCctV6rWm8OELubznTYzsziEDRsZJQchi7Ng7D3478Ow1l3yKRmPUYTe2bvZ7V7B6Ns6fRHSven3OVFG5kRKgKfp6tIJybzO6YBkvouK2JvqjnkR4fx6h6M6JmoxnL7hmfdmp9w04dtUylGDkVXbAVtU72TRcAAuQ3ml03wnUu3sqlmkjmfyyrbtGWfJt0nbJpZJwfXJZ1IoNlbn88BonBLBR5pVVqqHGb_oVR-6T6OntoHGKX7_hB1vgkBj_k_7TwHQFvbrA-hcgnLNbnjgWjbIDBCJ2aH4jGkJmUr2XVOGF9k8OH1K9n3gq7ynyD0q_CjywjLlktFb8&cid=CAASEuRoYTBtezH9dwdFJSZP-Eyhsg&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:27:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:27:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame D12B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZRhBwSvG7gTcADWjoCnOrJDhD8eSZmUSeFDyrb6dYw3hPLEeprMJwXSphxJ2io2dGRhwOHCZRjs4xFzY80vLWiQZ105DIJvqp-0LRK6C4Hr1YTKAal5XxGAUbplPkAeqw8PcEONZBn3YoxejznmQHJqHhCw&dbm_d=AKAmf-CXj0BpepxqyjymczdC6CBVgtwK0PIOpJQNV5wDbWWkizEWLiygH4XxFNTgygjMpl2z7yVWZt4cL9XYX8jneujviG2WGZ8Eqn9R7d-GOqiACGIqM03tVNJR9t7ZHGk6H_RaKRSs4Hwvl1H_R7N3HXL7eDOXfa4NRJh3HCUWUgVLLtgEp4szH9PIuYwsr8GsSRo-62YtD4a8gf3Ra_wSHPs1HHHFQzgP5P9ItLJk80itSuRmwQ0WKXn-A3wsaeK8myRQw-16tXuKS54EGggfMIRWMMFIGAyMylBRb0uC5VHI7hwIstjxCq0k2m91jq-ktUlSVRSRuiJIZgamNY9Ox2NOtacilwBFtnP5lDghDfhE_2ZRAHohNW6pcmczO2BBeENNwk_lehglw-Ky6S1KPHFnmfLGwdVa1c8BHn0rXdvhk2CahxJ6u0561JJS_lVmiHKJckx26mgd1VOKNKCmUWVBZOjq_ocpWOe72NKiabA26chlBflcm3IviebS9WlVX6kdGSfML_BUOo_0Y5iK5bMnWS1EsuVnzJ5BE8QmAifZGcSYHC0C7kcb6pLE6uQ9cTEOxYcFBv91W5sXwxmAUktin3UzXOAPy6XXXuYEA6H6vkICJxkfwhRFylBmC5qhHRGG6Nq5t_wndFTUynmSyW49z-doe8uKll9TuhsS-IOtWwPkeGYdrJh9SJQK4kuSbwMz1i5wTAeYrEKI386m9YoL5NYKYpD9Fs0CDnYM6K5tQWElq1BGoKkScrfxB9hQYCeYvwHmOq4g18Z4XdPAx2LVfyvxdv_Nbj-I0Lb1yVdOCgE1hlSLOQ4DR5tx0aC7BSw_CFuIK1MBmLDRe8cYNQ3JccdbnnN93907jEtki7rUOoUpiI0Uud_VZXW4JEcIGJOfhUmu0dHL3D5aAJyGLSSpNc3jMOmt4jXHOAB835O2R3_RaeRgVoZzkzYaQG701YnFIOs1y7Pqays2fBTQdrnC5neluAuUmJxbzKnGGNtnNOFPzCkBgN9SWWKoOhwx1bo3gLyDRXEzLLKqg6Q_yQPqfe6racbx4zsMCtdeWgme9hGSqaMy4qywi9BS5cj3LN40WzME-KVakq8ZPJzDP_mASKAogdvTMRcWVh95PUKDpb8CEcq3_KqsKWW73mhBcWCefmCIjB_sl9MXoyjpCUk9uHIEunJHkjnFDvYopk11CbzK71erWo92AxqxDdd8ivcqPeiybmNzTv0WNqRe_bOc_YDZP8IASICyH4emYcuapEeCBc11a7QVDx21ItNskrhI_u7IUuKm1SC4MDLE2zRfOpyq7wnxjwvrj3n9pcdsN1c2OGZhsywbMVxjmcan-CC3Y_kFtQWy77hdd73UBupiYkCfSGDTTOeKi8fEfdeSTmy_Cwg_M8q9h28Vaf271Xg8T0tqx8SMScHtPbeg6AQOLLcNDyRSKB8auIwteXmkrWe04SDFgLjfEyVEZylYR1lwsw2YU7iRlAPJE9CgYNgW9o6Wau259_sroMPcV4bhWUb7Ob5niOWjNzVz6tvEulc2pjSnOpAxH0MmWWkGbNI1TDQ27ePVEKVXCV_ytO9j9_X6SOc3ntT4HI6dHdaccJguj5lvUeoHrZ1GSVW8zeS3SDXe4R_ZarAAODUNqPuPvBeamJBvsrOXtim2F6U8BKJDZvtjmElF-QW7lcpQl6FK0rBN7OGFM7rRAKuY8YPljdssW-3Cb_z892HXcyjXak35Pb88r57TRZPfcCkl2Zz4h1Yob-EhNPY0KlmrwYAo2dIFQgwRNJgW7YEi24XB2uS7AdN4gmfuLFetr0QCD6n7FFQZ9kS3bAOfQlAONsktbLZbhCwWDQ-LA8R0y3GLo8xdkNP7zUrjXDP-Lxq8ozRKL4laaecwP6Jr7i5dO2mnwsMgmZeMYFWi7GkxgeBXketLw7z5FSGUR-XudtmpSxRuJ8sULAyXPrqwDZ26SPVE3hrfAOyvNAjNtNrsiKUCXIIKCvTTHGclTMIo5epGUIUlRHsG3s3hhu7mBtnJIlbMs3qKJLUnQ0mTJuSmdV3OI8fTz6VkCQax3Lfu4ZeYtsu043Ek3eWcyZV3fzGooKy_G709oNZnEHIbqw0pVZ5__cLuChB1f990KZMp3Zem25IZPeaSdX37qsNOzUIVFHqHIDRUcIwsiqWKcNKpmQbn-A5hYj9V6Q-MoTqLYItDcLD6BGGoxbJU3BcJoKuqW7uP49gqo5CR1pLc8P_yJiZbtoBtxja01twEkawRnzGKE9odPj2uNTaexSTjoaK41Bl_q09jBBFeWtI36pUen7ip1W-NIBiNcl79rTSP3VoF6bEPvx19nn007v-Er_P0tHd1k1fYrqZVJPRgl9EVMxO8mt1TysYptHVR0m56WM9rN9LdYluDKaowXIYbCwhjzaF-5PEVX1YzQMqgy1lcBAdizk5s2BSJuZF0bL3JLdgabiG56SkbUzTpcq9_gv15XDapCzCT8Jkv0lY0cbNu72EacI_hjtGMD0fyXsxXm8XhS_fCpnwkYJjKtQQUF7R4LCIk2ZU2hj1MEg8nfkeC9BLsBESWwUczvx1v58nM0KanN5BhRp0XzI2OkvVADyR7pvDFGMwd6I0M0488X0QoqwW-EaIhg7F-TGAQbDxpW5L-_eFgnVf1PXw96fTkieBlOt3ZpXqwle6XJRGhDzBO7rlCi6uFds34Q0WAgTPLuMJ3x5cUJGow12dPqRILqUZaO1dfKRRC0na22F41ysOYA3bJ5dlMvI8QR-gna6QrrSzT4hiuIyyCXID3PMnnz6KCctV6rWm8OELubznTYzsziEDRsZJQchi7Ng7D3478Ow1l3yKRmPUYTe2bvZ7V7B6Ns6fRHSven3OVFG5kRKgKfp6tIJybzO6YBkvouK2JvqjnkR4fx6h6M6JmoxnL7hmfdmp9w04dtUylGDkVXbAVtU72TRcAAuQ3ml03wnUu3sqlmkjmfyyrbtGWfJt0nbJpZJwfXJZ1IoNlbn88BonBLBR5pVVqqHGb_oVR-6T6OntoHGKX7_hB1vgkBj_k_7TwHQFvbrA-hcgnLNbnjgWjbIDBCJ2aH4jGkJmUr2XVOGF9k8OH1K9n3gq7ynyD0q_CjywjLlktFb8&cid=CAASEuRoYTBtezH9dwdFJSZP-Eyhsg&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 06:39:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 9423
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjKSK1kfBISpytAFChgF2E&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjKSK1kfBISpytAFChgF2E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-HspcCENqrlawCGJmomrEBMAE&v=APEucNXzaBwN9QM94gbxlB9in6OSQ2cjRTjXXUGHZtqcLgJKJCL2tt-YmBuerk732V6130GFVi-oDdcoNqBhoiuWQ-WylR4KrL7H7pGEkGI5nEmGZEtYsrg
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjKSK1kfBISpytAFChgF2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9423 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-HspcCENqrlawCGJmomrEBMAE&v=APEucNXzaBwN9QM94gbxlB9in6OSQ2cjRTjXXUGHZtqcLgJKJCL2tt-YmBuerk732V6130GFVi-oDdcoNqBhoiuWQ-WylR4KrL7H7pGEkGI5nEmGZEtYsrg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 9423 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-HspcCENqrlawCGJmomrEBMAE&v=APEucNXzaBwN9QM94gbxlB9in6OSQ2cjRTjXXUGHZtqcLgJKJCL2tt-YmBuerk732V6130GFVi-oDdcoNqBhoiuWQ-WylR4KrL7H7pGEkGI5nEmGZEtYsrg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 7F30 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1769 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 05:53:44 GMT
expires
Tue, 18 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
2904
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A274 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4d11cbdea784b7b701da55021c88bfd1629c317257a83b94a7a251771adb8fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 15E1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=rvi2qnx2TFlqTHhQeVFxUkkzRExEdGRyQVhHNzBVU0hBQ1ordTNxcUdnZHFIOVZZbW9vcjJ0TE55UEFTUldEb3BVVUVYSXhQMDJBZTc5ak01QVVLUVRhekZiYithNHl3MURFaWJvVDB5MzZRekx0b3RTbk9iclFnM0o5b1...
438 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rvi2qnx2TFlqTHhQeVFxUkkzRExEdGRyQVhHNzBVU0hBQ1ordTNxcUdnZHFIOVZZbW9vcjJ0TE55UEFTUldEb3BVVUVYSXhQMDJBZTc5ak01QVVLUVRhekZiYithNHl3MURFaWJvVDB5MzZRekx0b3RTbk9iclFnM0o5b1Z2ZmV5dTJUWXpwVFlxY2gvc0dTNTVPbXFCRmxXSXlEWTM0azdTcjF6NHhWcS9OZnpSbWlxMDZEQ2lDdjd1TXRPeGVGa3NzYkJIcmZhbXpyVThHV3IzT1pFZkZpa0QwM3RQazliZ2tLcXYwUWsvSkpGNkFESnJGaXJNRjhJMk9kUEVCYStmdDRGOE5vd0FtcEtMRkQ3eFE1anFTRVg0dz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4a125edaaa1abf5064686a1910d7e944ac68309befea67d55aac0f31b5b948d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3750
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=rvi2qnx2TFlqTHhQeVFxUkkzRExEdGRyQVhHNzBVU0hBQ1ordTNxcUdnZHFIOVZZbW9vcjJ0TE55UEFTUldEb3BVVUVYSXhQMDJBZTc5ak01QVVLUVRhekZiYithNHl3MURFaWJvVDB5MzZRekx0b3RTbk9iclFnM0o5b1Z2ZmV5dTJUWXpwVFlxY2gvc0dTNTVPbXFCRmxXSXlEWTM0azdTcjF6NHhWcS9OZnpSbWlxMDZEQ2lDdjd1TXRPeGVGa3NzYkJIcmZhbXpyVThHV3IzT1pFZkZpa0QwM3RQazliZ2tLcXYwUWsvSkpGNkFESnJGaXJNRjhJMk9kUEVCYStmdDRGOE5vd0FtcEtMRkQ3eFE1anFTRVg0dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1509
content-length
541
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 455D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 05:53:44 GMT
expires
Tue, 18 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
2904
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 944D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbf709da41534833f5ab1ca09cdf4b9351b3489a72e8e61bd992fdcbaba8f614

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame BD8C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcDayXk8ss7PTzcGf6rdVu9k0PNDig5SIu-bTpjO4Jl4pM7iNjOVVJmOoVdXipihZ5hxqYsTInOguGDRnXNNrdmavuihokInEDFcVZtFWtpP20J6cycw&sai=AMfl-YRyyx0oinu9iqnRP1f-LnlcyuNk41gk8TIqMNpT-jFRjuqWDcwLhXXrQjBkg_KE1QYUaW5IlpIZ6m8e&sig=Cg0ArKJSzOy9oucvBVLbEAE&id=lidar2&mcvt=1046&p=0,0,280,1158&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4019461616&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642401726509&rpt=821&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame A274 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:19:29 GMT
x-content-type-options
nosniff
age
458559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 23:19:29 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 944D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:19:29 GMT
x-content-type-options
nosniff
age
458559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 23:19:29 GMT
index.html
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		77 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36b621503e3cd21c5f0fc811232a1ae2801e80a78cdd86afdbe2324399161f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
18286
date
Fri, 14 Jan 2022 23:00:01 GMT
expires
Sat, 14 Jan 2023 23:00:01 GMT
cache-control
public, max-age=31536000
age
200527
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 673D 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWeOJv6SptoruM0bIG_KAp7UvV9rPyJyxlhaToQHqPS1UIsngNIZqg4OPVuSALztM5l5QJkUMzJtRztvk17njK5WWZoTuX4Ag5BMXW4e__VUnMYCnm1_E0tFShJbBf_MBE9-LVjq5osJFt6Z7_8MmLXXAZS0Kpiqd2TmzsbLOiMcAM01XC5E_Pj9prfOQ4zoT-AcIS43Tx4Ts4MGpbNpKrFaMg_pdhcVHDa__6xWgMlufP-Ltz-B0CfAVANgKBJbctKD9RSYnfMeOanrzNIvtmckQ_tlEc3f6eDmwu-RAF1YynCbeeyvLsw71HzapQDAvCG2QKMQepAnLViy6gDVwkNLuzSS1Crx9eJbd3sZzK4XRrBiypvsPD8_n5UahHBqqYBrOerkai-wWdSqYZU5hStcrG2SKxBkrKtGdJbAIXlPDeVhwYqVqw0kgybmaFk0XgSaKcbfd2_S9_x-No6JjNRSRqnH83jHIUSCkZvMJNRR1xysI6NH0nmvAPJiXhTiswtBFO_V2rVMIQxceg17ZV4G3mSYiD99dl64CNkrZxGPYS4YHWpIGp_zRfYfbuSS3s_Fj6-WkCRnHzxJaMVgEWAJidPO_RxS8i6eayypQNG5b7avW_h1-CKWi1jk9ZY30c0rcNEjCCJve8VobJdzVXGSpXH2_AxtwZM-GoDff-gKKGlXnyJl03pFqYbaJkPFwxC659ZWMZtcf7DSCbXNBh3c6psdbpH_yN9kecWQvuu9prc_8Eb8ubYyJ4bI-UrcTIvEC-HFHiHzuthdDqpQxw2CDU7bmVtuL5pXe19wNEK-K6y6w2g7cosYcVyYy0b4p43MsbAXx0D3hhtVnWU5WnfSIYEdMPr-dgTxK7pYJdB0B0gUa99R9E5nE-OX9m1qm4gsVW5uzfISj-aemkUGCalUVk2GevsSmnr1TwJHmjRJmpiuIGl62noWtw41cDGWLeDO0ztVahHsJWOHKc1Oh87gsVkvdoL_BABBhtOBgRPL_T8iI82tpYPGf8vEuyDanaVbXZZH2wz5ldfZS-j5pRXr2ZQ_AwoC6hr4c82TG_H93BYflfaS8fU6U0YOK6QvOfJKGTtDbR3NAhO8S4UnnZi1d9vhW-HWozeT6LxXOKcgnSw2B-nhG2mUEyR_HyEl4y2nEwgqRTbqU2h1ANMQVAz49kNhVXowf01rYjgnlakMiRH-shP1EXTtL2oxXr-v6VUlvxmCIIfddQ0pXnQR-W1FphMmEIUVYPUx8&sai=AMfl-YQWPALEz7W60lmOVJAlfJf0UEQuHs5bITV32S8Jj_dXYUh-xJCotuidVLWbxbo02_eh-xYCi04-vWqMaDdz0FozWt9xiXKjmt936rUHpwhL704gs0YkEKSNkvEVHzMthblY1_-CoSfnq276ST61HrBgLxNmWQ&sig=Cg0ArKJSzLPxZ-o0B8U9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&cbvp=1&cstd=120&cisv=r20220112.45092&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 17 Jan 2022 06:42:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aef52dbbc041e1a423bad6a3e3193dc6f9be68deb0e3e33877ffe5416f20337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:08 GMT
expires
Tue, 17 Jan 2023 06:42:08 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D12B 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsuBvpPAJXI8tbulXcXizBk9WIS2YpozaiVQ6eZlh6TqujKt6EWjEkSVi7dTtoRCSewfy2jdMSGTegYOqzoVXUVO-cmcgwLSHcv6DkXwQhoFD8ulwXKRjIkaht9woVIhRbvKmrnsi_F2GorrqPlrUaV8PnYx6ej4nVL_phe2HCY8ysdEV0yYNW3yrDHxqMQyM_qPsZdYjzZPCZnAEmo2COAb-wjuTofnJ_a70d7cBv_KYh_j01bGkZa_uwQNj8JIZVqrONoafZYNcGDq2hv7N_e7D0zV1YSwIFM9RGrrn8NBvzY_UrpWJZFcSCR91EnczmQknqEkyY5k8c0mj40m4vUH3IVq5U18YLfLsoftfOSDJ0TTjY58lzAoQWwPHGtifFNwby9KFPi0jJauyU59kDTKLR4jaF45d-oYCSGeE9fGreM0QB82vc8PUcRRMz-TURnvMxc-uSDTEhz0x8Gfm8JzjU54ht3miGxfAN5qw7feDcAUASyYHCMiJTCweXGl0LwrsSuEXd6k69Ackimn6TMZif3WxbcSW_dDkzqX_pr7PcXmrdtrgyHvSv-mFJH7hvfLi1oV6i2Tv7x1GOBa--MBOSRnfmQFtcKc-XUVYFnHvQkfyJOzY6QMHGyVnod_wGS19eglGET2VyzWlvzGTtQFnWP2JCEoiXSOcYBhLUVizK65aBITFTrnMIL-zQdKyRrh9QhR-fzDhe-R-oOTHdzvM9UM6LERlaCUhdi_OXg7Pl7sDSkaDO6DICVnie9IDmmI5bjnfR4Ux0nXRbxSBtqY9tq6K78ZcATa90RsJOOZfH6sP-pbd1iK0NuvIf-HoGlSN0ncuxYLyT5RdqDaRoaieGda1m3jvRY6WftQzhqDTduD7_C46sAZSshqffGHpZ5XB0TDqJGQwDqBPELudCAtCER-jMA0F-sTYLQ89RFvnX6TK9HbGs4aGrE5L86RhpFc-l5BSCfipSi903nRXDYiVmQlL2BcMHuaxp6No6zJfEG-eE4mA-pqqLGlsND75wjlEgVPuGkmezktw0DKPq1lOG8Pux50cQrz1hIp2C7rnpG5W6ZGRRqT8lndd4-ShK2cAkGDrcaccDyz8pAqVu4DK0WozVEvsWc7ibV2nPQEnJ4OCM_a-PVpr-tyWGQuv_dtu_LBVSd3eUCiU8j1oovY6e0ipQK9CoRdqo8FRqJCSRQwb5GtR5BD3PcVE2aseuWtwYeLCIoU0aImA2_rtGaZaStW_2gBX7AZSuegl_2Q&sai=AMfl-YTahojs9TVgIOaYJ0mcRE0pjgJxPt7mriFCFO7mHgIzCyCl8yBk9APrU2QZRm2B7PE9Brzf9-c_KCWI14wlT-eTq7-tGHE5ckmB6Rn_P9EvlRhtGP_EAuIQsIKBwi4l_c133BlJDYpDh9ufBP0nrFj_JE5XiA&sig=Cg0ArKJSzCb1EFNpwo0GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=120&cisv=r20220112.38269&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 17 Jan 2022 06:42:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 673D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:14:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D118 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 05:53:44 GMT
expires
Tue, 18 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
2904
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 673D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b48baebda9d2827db00901dc2141cc96bceae85b474003b21e353cc3471b300c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D12B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:14:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8F1F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 05:53:44 GMT
expires
Tue, 18 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
2904
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D12B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e27bb82381999d0842afd72f4cbc414a92f58ac336bb54f3e4898a441d2070f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0BDA 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64135
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 12:53:13 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdvideo_style.css
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		388 B
208 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdvideo_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
googbase_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		247 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 08:33:42 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3145
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame A22F 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 09:32:16 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4332
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:30 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e99c54c8d777d1b291f68296ac99fe0c7b8f51153eb7b36b1a88b4783bfd2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1746
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
gwdparallax_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdparallax_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a45792c7db4934ab03ec970a8c0ba92d5b85e5af4482112dc9727fe94197250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3436
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
gwdvideo_min.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwdvideo_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
249f537d8e7349dab5ab2e541e485351315526451ae2e8979422f33a215307c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3083
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		2 KB
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 08:33:42 GMT
mig_gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/mig_gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de0026beacb0fa66759930355e717fe89078974692859c2aeea06f11b64c1de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
mig_gwd-id.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/mig_gwd-id.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48949e222f4d06fa2b976a5a69eeaca967c0c0579e10c43104c04bc4f46bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1044
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A22F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 06:42:08 GMT
easepack_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A22F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jan 2022 06:42:08 GMT
main.js
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01c7399ecbe1c0d5305c8fd86ba021fed2ef42406294d2ea51c34d68f5dc5996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9362
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
gg_pixel
sync.adaptv.advertising.com/ Frame 1769 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEH_nh7QT2RfstSb9izhNLnY&google_cver=1&google_push=AYg5qPLZ6ayJcra1_iaSE15wKwm9c5ZfdEGoXi7d9m5m_5OthtNgDT3lt9wl55jtcq_sWaWnK8K8Fy1AT-KpiWQUTgS1OaOGdb-Z
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.183.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-183-88.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
dds
rtb.openx.net/sync/ Frame 1769 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPzADKI6GpFvwkFAs2FPnVE&google_cver=1&google_push=AYg5qPJ3jXX2ODg34jUY16nHm2E-YKHomUYQnSCjqB1gIXbZYSfDeUQR6g6z3tG_FdmxbPSG10qOjpiNaVCiWsRuPEjth94xzpDd
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:07 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tbkp6ecvtt1ieu6dbolgu55d26m4bk2h
pixel
cm.g.doubleclick.net/ Frame 1769
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2c...
0
0
pixel
cm.g.doubleclick.net/ Frame 1769
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
0
0
pixel
cm.g.doubleclick.net/ Frame 1769
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlAKO2nq4HV_Pz9GeWGEDZwCuMqohGvag-In3dlHxTiWCNu5VK_XS6At3R3jmeILe4uWuA
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlAKO2nq4HV_Pz9GeWGEDZwCuMqohGvag-In3dlHxTiWCNu5VK_XS6At3R3jmeILe4uWuA&gdpr=&gdpr_consent=
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDEwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI1Rr_0lSa8VNSp8NAh1ncQLlAKO2nq4HV_Pz9GeWGEDZwCuMqohGvag-In3dlHxTiWCNu5VK_XS6At3R3jmeILe4uWuA&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Jan 2022 06:42:08 GMT
sync
ssbsync.smartadserver.com/api/ Frame 1769 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEbkpLffVVZ5AW6pVfLDtF0&google_cver=1&google_push=AYg5qPLlfckISoxLnc-prCOaV4WDiwLoV-wTZRxjIzhrnmvd3UxzZgjj2oTlvyUoqy-Gyg4bzE56iQoE9cGMYIksDvL-bIF-okLA
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1769
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyV...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyV...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ndVNKZVE5RTJ1RnBud3FZUjlndFVYQ0FvWWgua1l2WH5B&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ndVNKZVE5RTJ1RnBud3FZUjlndFVYQ0FvWWgua1l2WH5B&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyVWp4X4gFsAojahxV30dyFnHonbm
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ndVNKZVE5RTJ1RnBud3FZUjlndFVYQ0FvWWgua1l2WH5B&google_push=AYg5qPKAX3exc1Bi4Mt2Bl43LY9f81ns2JzCjeqAjypG0KLjUspJenXBqqVlVtB8pFw403LQyVWp4X4gFsAojahxV30dyFnHonbm
date
Mon, 17 Jan 2022 06:42:08 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 1769 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6M-OCJK6r-62esTcUdOuQOJx1CYk469RZlvZ9X3ELeqdwPfVMINKb9xSA6fq-kCSCyFTFIA
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqoCWMmVKPbxmZABskwhu0&google_cver=1&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG27OA7fLVn1H6Ab7IhO-vihA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG27OA7fLVn1H6Ab7IhO-vihA
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPLF95VsxB7o5rnoGbcw73HEVJ5wFLSGFWwNymeuMm0_ftiZoSN5h-2Tj-BmF7IW0gFsQoG27OA7fLVn1H6Ab7IhO-vihA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE...
0
0
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
0
0
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFiLniiNoKV8AJ2Q6dRqYo&google_cver=1&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A&google...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPL311PfHsMy-vMHwZ1r0Bws0o5ZOvzVuOGCJL16jU0dLuGNMY1quGXjnxCMAux0-MvwiiYeAEf2WZQpDA_3f1giAs4Z3A
date
Mon, 17 Jan 2022 06:42:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHIGetOSAY7fPBYCZ4P0ffUdfORl354flFQbe3N7EER0UG67alx_xjKZpXQFzHnAiFK7ZgQ
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHIGetOSAY7fPBYCZ4P0ffUdfORl354flFQbe3N7EER0UG67alx_xjKZpXQFzHnAiFK7ZgQ&gdpr=&gdpr_consent=
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIcbSXVVR_Pz4ggDaZNrz5gnHIGetOSAY7fPBYCZ4P0ffUdfORl354flFQbe3N7EER0UG67alx_xjKZpXQFzHnAiFK7ZgQ&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Jan 2022 06:42:08 GMT
sync
ssbsync.smartadserver.com/api/ Frame 455D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEbkpLffVVZ5AW6pVfLDtF0&google_cver=1&google_push=AYg5qPLkbxt9MGl4IZerTvC2glmhZ_nj-vPnl9BYPrOkQ-Sf2ZyaHlsQqry6W-GAuVTju7pHpRFP_5WY_zm6c0D_1jQaIlu61ew
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 455D
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQ...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQ...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGBYSZrPVizqd07sOnU84pg&google_cver=1&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NzlmNTRiMi03NzYwLTExZWMtYjQwMy0wMjAwNjUxYjIxY2E%3D&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NzlmNTRiMi03NzYwLTExZWMtYjQwMy0wMjAwNjUxYjIxY2E%3D&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NzlmNTRiMi03NzYwLTExZWMtYjQwMy0wMjAwNjUxYjIxY2E%3D&google_push=AYg5qPLIjCLaBcq3YW35YUCR0aIst6_APvbnjVS-IHVK0mUMaOHiL9cQqR-5Fcnp4S6cHLjYyOGaOTVy1S5JBU0EKfvTJT3Dm7dv
date
Mon, 17 Jan 2022 06:42:08 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 455D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6Ur9LBkky2XOm4sixBbS_DDXgSuQJ7FM7IPL1MQhL-ryfCN8FqlVKX23QGm9Ypd7CqKDNCQ
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 00DA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 13 Jan 2022 08:14:03 GMT
expires
Fri, 13 Jan 2023 08:14:03 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
340085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BDB0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 13 Jan 2022 08:14:03 GMT
expires
Fri, 13 Jan 2023 08:14:03 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
340085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 673D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWeOJv6SptoruM0bIG_KAp7UvV9rPyJyxlhaToQHqPS1UIsngNIZqg4OPVuSALztM5l5QJkUMzJtRztvk17njK5WWZoTuX4Ag5BMXW4e__VUnMYCnm1_E0tFShJbBf_MBE9-LVjq5osJFt6Z7_8MmLXXAZS0Kpiqd2TmzsbLOiMcAM01XC5E_Pj9prfOQ4zoT-AcIS43Tx4Ts4MGpbNpKrFaMg_pdhcVHDa__6xWgMlufP-Ltz-B0CfAVANgKBJbctKD9RSYnfMeOanrzNIvtmckQ_tlEc3f6eDmwu-RAF1YynCbeeyvLsw71HzapQDAvCG2QKMQepAnLViy6gDVwkNLuzSS1Crx9eJbd3sZzK4XRrBiypvsPD8_n5UahHBqqYBrOerkai-wWdSqYZU5hStcrG2SKxBkrKtGdJbAIXlPDeVhwYqVqw0kgybmaFk0XgSaKcbfd2_S9_x-No6JjNRSRqnH83jHIUSCkZvMJNRR1xysI6NH0nmvAPJiXhTiswtBFO_V2rVMIQxceg17ZV4G3mSYiD99dl64CNkrZxGPYS4YHWpIGp_zRfYfbuSS3s_Fj6-WkCRnHzxJaMVgEWAJidPO_RxS8i6eayypQNG5b7avW_h1-CKWi1jk9ZY30c0rcNEjCCJve8VobJdzVXGSpXH2_AxtwZM-GoDff-gKKGlXnyJl03pFqYbaJkPFwxC659ZWMZtcf7DSCbXNBh3c6psdbpH_yN9kecWQvuu9prc_8Eb8ubYyJ4bI-UrcTIvEC-HFHiHzuthdDqpQxw2CDU7bmVtuL5pXe19wNEK-K6y6w2g7cosYcVyYy0b4p43MsbAXx0D3hhtVnWU5WnfSIYEdMPr-dgTxK7pYJdB0B0gUa99R9E5nE-OX9m1qm4gsVW5uzfISj-aemkUGCalUVk2GevsSmnr1TwJHmjRJmpiuIGl62noWtw41cDGWLeDO0ztVahHsJWOHKc1Oh87gsVkvdoL_BABBhtOBgRPL_T8iI82tpYPGf8vEuyDanaVbXZZH2wz5ldfZS-j5pRXr2ZQ_AwoC6hr4c82TG_H93BYflfaS8fU6U0YOK6QvOfJKGTtDbR3NAhO8S4UnnZi1d9vhW-HWozeT6LxXOKcgnSw2B-nhG2mUEyR_HyEl4y2nEwgqRTbqU2h1ANMQVAz49kNhVXowf01rYjgnlakMiRH-shP1EXTtL2oxXr-v6VUlvxmCIIfddQ0pXnQR-W1FphMmEIUVYPUx8&sai=AMfl-YQWPALEz7W60lmOVJAlfJf0UEQuHs5bITV32S8Jj_dXYUh-xJCotuidVLWbxbo02_eh-xYCi04-vWqMaDdz0FozWt9xiXKjmt936rUHpwhL704gs0YkEKSNkvEVHzMthblY1_-CoSfnq276ST61HrBgLxNmWQ&sig=Cg0ArKJSzLPxZ-o0B8U9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=306&vt=11&dtpt=183&dett=3&cstd=120&cisv=r20220112.45092&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video_placeholder.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/video_placeholder.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
648ece012c8f29dd46ad63501eb12fab3d3fc27aca061c35f743cac6c59094b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6840
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6Dn66EclWnoPA5JiPnOn4&google_cver=1&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72H_mH9pg&google_hm=MjA3MzE5OTU0MjAxOTM4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72H_mH9pg&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Jan 2022 06:42:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ8VbhVcBoGFy3ad8fKoGBXehri2PqFad-W9PWSyTIDSv_1yOsJp7JGl_peif3pZykbFuSEpUfAz5cBV55_h8_Cv72H_mH9pg&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbFRmYSyZDaMGoD_S0zQr16jiGxLiVMId9YU8LKnS63WraP1MdmNn_nKHT8gs26r3MeW9gAx5eoGABdmEye01gIt8Ee2P9Qg
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbFRmYSyZDaMGoD_S0zQr16jiGxLiVMId9YU8LKnS63WraP1MdmNn_nKHT8gs26r3MeW9gAx5eoGABdmEye01gIt8Ee2P9Qg
date
Mon, 17 Jan 2022 06:42:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5...
0
0
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHFtoQWJfQSOKHq1ovFVlUY&google_cver=1&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVn...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHFtoQWJfQSOKHq1ovFVlUY&google_cver=1&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVn...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg&google_hm=507cb9ced7b706cbc82b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg&google_hm=507cb9ced7b706cbc82bb794
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 17 Jan 2022 06:42:08 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHhVtzcWA6f9nGsdM364fvQwbDn1okDJNFBeUwzWPiGKNXBmyhY1Vc0nkiW91XGRmZW9l_Gaczfx9aKWZVnN_TZuOs6PQVxg&google_hm=507cb9ced7b706cbc82bb794
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFiLniiNoKV8AJ2Q6dRqYo&google_cver=1&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqic9Ypfu0GIKt6CUgungwyFI6VulttKmHEyulm...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqic9Ypfu0GIKt6CUgungwyFI6VulttKmHEyulmOuyA
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D&google_push=AYg5qPLCNUJgfIsKOgJoVz89hUp67oU0Tt7V0k3C80xCZrUNVTrx_v4krvZaqic9Ypfu0GIKt6CUgungwyFI6VulttKmHEyulmOuyA
date
Mon, 17 Jan 2022 06:42:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSKPUwcw-RbZRPD9UZ8i4LCRRVJfu29jwuU0xqkiTh6G1uZjAvXuUXRaPihYwnlBL8z_H...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSKPUwcw-RbZRPD9UZ8i4LCRRVJfu29jwuU0xqkiTh6G1uZjAvXuUXRaPihYwnlBL8z_HZJluw&gdpr=&gdpr_consent=
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL7pnZBq7aKk0-Xt1HpCz0jvSKPUwcw-RbZRPD9UZ8i4LCRRVJfu29jwuU0xqkiTh6G1uZjAvXuUXRaPihYwnlBL8z_HZJluw&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Jan 2022 06:42:08 GMT
pixel
cm.g.doubleclick.net/ Frame D118
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5PFVj6O7UxSwC4XjJm7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5PFVj6O7UxSwC4XjJm7R285gQQYGIfI9ZIUhGkC_372MaU6A
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPIV8Kh_5C1E9DkZ1DCjjJjyI_l4p3w2ClYs9dfpnXndIxasbF_5PFVj6O7UxSwC4XjJm7R285gQQYGIfI9ZIUhGkC_372MaU6A
date
Mon, 17 Jan 2022 06:42:08 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame D118 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHzySEWBlGRgsPweOtTHKR93erPF327w77Fb2pjXaeyeiyVQDVlMhqh7NDmMvKk8u-myjNxQ
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bg.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb394ca2d21434bd0e78976c783b8eec35bfb6f1404bf31d0d9969d06c9535d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5515
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
slide_4.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/slide_4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5001e81e81fe1930c1fe0a7864876db2d14284c13734e883241c65bc9345428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34600
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
slide_3.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/slide_3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a2417f4bfdb8bc6e01ae0ace5e83d72d5d0e7776917448869590e5422be9f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33863
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
slide_2.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/slide_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5e0754ccb59642b36cb5597a08248e5e2ca9c1356c3e3c977a2e7696a9e0058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33786
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
btn_replay.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_replay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6865183b5339acb11b7b41891ab5fc83a67800a7ca84162f0fb8ec040804c43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1401
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_sound_on.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_sound_on.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cebe0c20b9ec7068e45f5b01490e8a08c064d849f3237e93ccf367f69d88f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1322
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_sound_off.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_sound_off.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e53d26d8cacae6cceb2f2fbec3b46d997ad9b48949f15b9e9828502397288ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 01:41:52 GMT
x-content-type-options
nosniff
age
190816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1333
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 Jan 2023 01:41:52 GMT
btn_play.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_play.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4ee0451a13fe8b5a647e943833ba8a74319f6f75fef2d3e9d4ac67d7e895767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1088
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_pause.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		787 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_pause.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be40f968567fff526118121bcf53480cb1339bdb5b84050da148080a16f55abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
787
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_play_big.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_play_big.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75188ca07793fa054c11eb11dcfb8bf9593d276676997fa774d09f376bd41842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3332
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
sprite_video_elements_retina.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/sprite_video_elements_retina.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86e82559d4b1d2e5504f74eb46709e1a286fbf40956e36e4a7961586cefd274b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93348
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
btn.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddf7d065434ac62640308950fb5a70224ef8ea145223c47668173409dafe5130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_prev.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_prev.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
992986202320003b6f0a84d0e71014e66873c108eaabd74498f4b7df05a7a33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1511
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
btn_next.png
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/btn_next.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd2a340f62dce684bb58c24e04c2299892adef16c20a5668bbb87dbdef654eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:32 GMT
x-content-type-options
nosniff
age
579516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1485
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:32 GMT
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6Dn66EclWnoPA5JiPnOn4&google_cver=1&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YX...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YXdN08&google_hm=MjA3MzE5OTU0MjAxOTM4NTM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YXdN08&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Jan 2022 06:42:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlgxLKMV2rOfLU31fJ-Zr23fYDlBUVpaDwNVNGjylvyQCo7DtUXmBPRGX-t_evdFVxSkPzm1_Pumvf4QSkrk0_7YXdN08&google_hm=MjA3MzE5OTU0MjAxOTM4NTMwMw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cHK3SuEjT7OTsR_wUxlK0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cHK3SuEjT7OTsR_wUxlK0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK5KnfNcgsidaIq048nVdqifpvtZQ2nKZ3UAxALvJlwMRbQCPXZ4ozhEUhbRaCCEV2RddsGomf7CiysHfWSWaUWeKFvphI
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cHK3SuEjT7OTsR_wUxlK0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK5KnfNcgsidaIq048nVdqifpvtZQ2nKZ3UAxALvJlwMRbQCPXZ4ozhEUhbRaCCEV2RddsGomf7CiysHfWSWaUWeKFvphI
date
Mon, 17 Jan 2022 06:42:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqoCWMmVKPbxmZABskwhu0&google_cver=1&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2G...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2GrVSo7LZxzyMP9PdkfnCWt5bs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2GrVSo7LZxzyMP9PdkfnCWt5bs
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5&google_push=AYg5qPJl0o9ozz5cGIs37Bsd5qofx4HwLUBskV9B5dVmysjBlYMMR5fNcIFsAhDUy6rkm2VHB2GrVSo7LZxzyMP9PdkfnCWt5bs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEHN-knOPKBbjBetbeTEy9qw&google_cver=1&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
0
0
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFoNZ_4EYYDEGbhMcVZea20&google_cver=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KOL2-jP9JJVKf7NO0kANXSHBmIPC96dDb_5rGc-_lZwqSme9FBPvHlG7gvYGclwiMKRpkY
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KOL2-jP9JJVKf7NO0kANXSHBmIPC96dDb_5rGc-_lZwqSme9FBPvHlG7gvYGclwiMKRpkY&gdpr=&gdpr_consent=
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&mn_hm=Mjg1NDAzMzI4ODg4NDE2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIm843R37GBmVYGc9hwM_a00KOL2-jP9JJVKf7NO0kANXSHBmIPC96dDb_5rGc-_lZwqSme9FBPvHlG7gvYGclwiMKRpkY&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Jan 2022 06:42:08 GMT
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDN4UXt2oMwd4tCNEizFoTo&google_cver=1&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B91luf7uwnpozJdzTl...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B91luf7uwnpozJdzTlyfiebeiQVVax-V95Ew0qEth368
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14R0tHTTF4RTJ1RkE3TS5xa1owczBuUEhfNFFLQzd4RX5B&google_push=AYg5qPJ8DXkDqgjqG4AoT0zYg_FsYoYmnlzQaQHyIjt2MJGaMhCT09B1B91luf7uwnpozJdzTlyfiebeiQVVax-V95Ew0qEth368
date
Mon, 17 Jan 2022 06:42:08 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8F1F
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKcpE-mGyV4lOeKSs39T7nM&google_cver=1&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-uclJZGQUiwpY1s35isb66MhALI...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmE1M2ZiNTAtOGUxOS00ZmI0LTg2YmMtNWU0NTUyZTg0Y2Q2&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmE1M2ZiNTAtOGUxOS00ZmI0LTg2YmMtNWU0NTUyZTg0Y2Q2&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-uclJZGQUiwpY1s35isb66MhALIenUCywqQ9A
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmE1M2ZiNTAtOGUxOS00ZmI0LTg2YmMtNWU0NTUyZTg0Y2Q2&google_push=AYg5qPK6jZFfmoNeMxnJcpQ5QdtImprtdYufF9fVWrdVSZHy9lThNVcsHni--u-uclJZGQUiwpY1s35isb66MhALIenUCywqQ9A
date
Mon, 17 Jan 2022 06:42:08 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8F1F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Itm1dEuGhQc5QlnGVFIqMHUMyHkPTqLBO2LWFBVoes19QPoWfX7y9WRiCpARd3AY1c01BB7_M
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 7F30 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MSs3_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tschuss-miete.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/tschuss-miete.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d3e686230e4e8374eb3200441bbf730ca3c3a346f07a538f60763fd44bbd610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1347
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
hallo-eigenheim.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/hallo-eigenheim.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f732fba307a2b3ae9c997c90c001400a2b145595ffad12ad7591e37b26d26e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1278
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
logo-vr.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/logo-vr.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c006ba40acaf78b891843db626ab159aca688e2605eb0a8e26a54c976dcc0fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3083
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
logo-bsh.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/logo-bsh.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9760a9f96ef90c3d9f294d206df4342e7a55673a918c3090c22a29cc6557bade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1883
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
schatten.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/schatten.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4d7fbaa9a062416430e981f98bc12077c7d434c110618216e6ae94914660c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1892
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
gelber-kasten.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		153 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/gelber-kasten.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d0f01e1bde796cd22d34bbe3dff4b35ef72587452e8def7fd39fc2a166e1683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
vater-sohn.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/vater-sohn.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b26e78f7083cb5679609915da7d081810e1f597544ec9152d8c68f194f636eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80836
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
haus.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/haus.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5163406e67ed20eaa515adafb7b90d2e6b411029bc6903dca2349bb20f2005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 01:41:39 GMT
x-content-type-options
nosniff
age
190829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203804
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 Jan 2023 01:41:39 GMT
text-klein.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/text-klein.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f0665cf11b3e8c709fddb9c8664d193536c46e78fb3aa697ee2680d5c695814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1139
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
text.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/text.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e72004751986ef48a5dc849c02a62473e99c5e39aec100b88cdd7a0c777d19bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2391
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
cta-mehr-erfahren.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		968 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/cta-mehr-erfahren.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d21a7994290375fa8f0beece2ea372ab8fa8d890c4dd88c2dfa92c3e1ccf1a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
968
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
fuchs-gelb.png
s0.2mdn.net/sadbundle/12766625113677943619/ Frame 0BDA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12766625113677943619/fuchs-gelb.png
Requested by
Host: 2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
URL: https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b65a7aa987c50237316272bf67e43e52f6e529a3677e8e007b8c80d8474d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12766625113677943619/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:00:01 GMT
x-content-type-options
nosniff
age
200527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30136
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 09:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 23:00:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D12B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsuBvpPAJXI8tbulXcXizBk9WIS2YpozaiVQ6eZlh6TqujKt6EWjEkSVi7dTtoRCSewfy2jdMSGTegYOqzoVXUVO-cmcgwLSHcv6DkXwQhoFD8ulwXKRjIkaht9woVIhRbvKmrnsi_F2GorrqPlrUaV8PnYx6ej4nVL_phe2HCY8ysdEV0yYNW3yrDHxqMQyM_qPsZdYjzZPCZnAEmo2COAb-wjuTofnJ_a70d7cBv_KYh_j01bGkZa_uwQNj8JIZVqrONoafZYNcGDq2hv7N_e7D0zV1YSwIFM9RGrrn8NBvzY_UrpWJZFcSCR91EnczmQknqEkyY5k8c0mj40m4vUH3IVq5U18YLfLsoftfOSDJ0TTjY58lzAoQWwPHGtifFNwby9KFPi0jJauyU59kDTKLR4jaF45d-oYCSGeE9fGreM0QB82vc8PUcRRMz-TURnvMxc-uSDTEhz0x8Gfm8JzjU54ht3miGxfAN5qw7feDcAUASyYHCMiJTCweXGl0LwrsSuEXd6k69Ackimn6TMZif3WxbcSW_dDkzqX_pr7PcXmrdtrgyHvSv-mFJH7hvfLi1oV6i2Tv7x1GOBa--MBOSRnfmQFtcKc-XUVYFnHvQkfyJOzY6QMHGyVnod_wGS19eglGET2VyzWlvzGTtQFnWP2JCEoiXSOcYBhLUVizK65aBITFTrnMIL-zQdKyRrh9QhR-fzDhe-R-oOTHdzvM9UM6LERlaCUhdi_OXg7Pl7sDSkaDO6DICVnie9IDmmI5bjnfR4Ux0nXRbxSBtqY9tq6K78ZcATa90RsJOOZfH6sP-pbd1iK0NuvIf-HoGlSN0ncuxYLyT5RdqDaRoaieGda1m3jvRY6WftQzhqDTduD7_C46sAZSshqffGHpZ5XB0TDqJGQwDqBPELudCAtCER-jMA0F-sTYLQ89RFvnX6TK9HbGs4aGrE5L86RhpFc-l5BSCfipSi903nRXDYiVmQlL2BcMHuaxp6No6zJfEG-eE4mA-pqqLGlsND75wjlEgVPuGkmezktw0DKPq1lOG8Pux50cQrz1hIp2C7rnpG5W6ZGRRqT8lndd4-ShK2cAkGDrcaccDyz8pAqVu4DK0WozVEvsWc7ibV2nPQEnJ4OCM_a-PVpr-tyWGQuv_dtu_LBVSd3eUCiU8j1oovY6e0ipQK9CoRdqo8FRqJCSRQwb5GtR5BD3PcVE2aseuWtwYeLCIoU0aImA2_rtGaZaStW_2gBX7AZSuegl_2Q&sai=AMfl-YTahojs9TVgIOaYJ0mcRE0pjgJxPt7mriFCFO7mHgIzCyCl8yBk9APrU2QZRm2B7PE9Brzf9-c_KCWI14wlT-eTq7-tGHE5ckmB6Rn_P9EvlRhtGP_EAuIQsIKBwi4l_c133BlJDYpDh9ufBP0nrFj_JE5XiA&sig=Cg0ArKJSzCb1EFNpwo0GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=399&vt=11&dtpt=274&dett=3&cstd=120&cisv=r20220112.38269&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 00DA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame BDB0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A22F 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73a6660457f044e88cfa39a91ca29c6cf9610e1f33b0188b4cc75b6de7dd5f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4542
x-xss-protection
0
video_placeholder.jpg
s0.2mdn.net/sadbundle/2616425467128781606/ Frame A22F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2616425467128781606/video_placeholder.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
648ece012c8f29dd46ad63501eb12fab3d3fc27aca061c35f743cac6c59094b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:43:31 GMT
x-content-type-options
nosniff
age
579517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6840
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 16:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Jan 2023 13:43:31 GMT
prod_studio_01_246_videomodule.js
s0.2mdn.net/879366/ Frame A22F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_246_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b619cbf3a19f241d38f222b0993708ab553b65f47b8d82e328506e5d00a94f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2616425467128781606/index.html?e=69&leftOffset=0&topOffset=0&c=svIgTrymmh&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 05:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4944
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 05:53:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A22F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:08 GMT
file.webm
r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame A22F
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/acao,ctier,expire,id,ip,ipbits,itag...
548 KB
549 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/584B2B55FE5A772EF0909C2FFAA5CA3752C7D9EE.5E8297B2A4E0BB1CEA818A9BB7882F030B8C90FD/key/cms1/cms_redirect/yes/mh/7y/mip/2001:ac8:20:3c00:1011:9c7a:3889:9ecf/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1642401390/mv/m/mvi/2/pl/49/file/file.webm
Protocol
HTTP/1.1
Server
2a00:1450:4001:65::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
75b754c036c31f8b66677cceef833ff56b47f4d942c9e299195fca046d72d453
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Jul 2021 16:41:30 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Content-Range
bytes 0-561315/561316
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
561316
Expires
Mon, 17 Jan 2022 06:42:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/c122b3eacdff2ccd/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3771852096/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/584B2B55FE5A772EF0909C2FFAA5CA3752C7D9EE.5E8297B2A4E0BB1CEA818A9BB7882F030B8C90FD/key/cms1/cms_redirect/yes/mh/7y/mip/2001:ac8:20:3c00:1011:9c7a:3889:9ecf/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1642401390/mv/m/mvi/2/pl/49/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=4482607639925597&bg=!4OOl46fNAAaocxMpqHM7ACkAdvg8WqX5nUtjh571FJlxEoAAROY1cfsrTr5S5bEH1P_gdNvK-7p7cwIAAAEJUgAAAAJoAQeZAtB9qco03VIYlGM8QTsEq7X2Qtmzjaygt9ETwkqSCKlDYJHVe9xuY8wcOvmGH4vvekkl845wlMz97dC8_Y-c9za1fbbHXnawNi07w3jXhdw_rS0NsFiqaDHq0aFqBPY_FLIRdX9F9wRbsJNe2Dkb8EVZUK_9XavgWIe8sdmMRcV1c_GMyJitebuszt-GcGxQVo3zDv_0zF0oJVRdK_VSBW_YgIXWp2G-n4IcG1aUsVI5erXh6FTwe9CrxfSFSlshkdf_ztVlPwMOFFOclXnaFjHzel1xMPoOj0Is8CG_C3QFC2DowMCJnh4YwEEQGcIdK5NhMeDlzUdDuEmNuQ-4Cja8TT7sO6Grg2tr6N8CVifqAx30auJM152lvOUAz0jJ1Gqcl__70ka_Kx-FQL_xpsvr4aUEdW7FwVfblbh_JHcNa6t2S54l4MA0T16DUSkF-eNQVwk-grHCRIgDg2A0GWtvZgTh1kgyjqPXWgN68uJtaMHJQ51I_mGNNNgbo8UwUZOX5i0-XgzCwLuMV7DVF9pUPO7CaTlmPYwNgMaU0hBclBFtXHRZj1ATB0KVgDZEzYG3mBR52hi60uaXQA8mdF4d31w5Z2rLnN-Zh4DyApWi1px03cxrbnDMQiqdHsBPC7DAbB-MLUwe8G4wdTzaE_v1uedciZGepVVDQJSMpRLhO3V9KaSBQoXOIuhtViUu-QY0YB-6ZQEz6Z0wwvk-3yA7HvSIPLLT_lMiPDd-PMib1TGsZyrPS8q2o70KAlbzHgGbOHs0qIdg2CDv7RZsLLzfE84bMXGkMlyXk_x4zaxm84A4cC_6G4mARavfiGO3bnLz3xIf_8q6U4vvkGje-aaT948bIj9HI83IrqfHiExQm58aq8ANM9vmFCQTz67UDKd5avljha1PfCJUsd1K4_5UodaqOHXbXbkA7vTNJvq7OdkJLvFO2vEE5rcEj5L8e5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame E2D1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 01:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 01:31:05 GMT
dc_oe=ChMIl5XEnJe49QIVPpH9Bx3EZwFsEAAYACDS1JBKQhMIoqmZnJe49QIVEu27CB0mwQhT;met=1;&timestamp=1642401729017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame D12B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl5XEnJe49QIVPpH9Bx3EZwFsEAAYACDS1JBKQhMIoqmZnJe49QIVEu27CB0mwQhT;met=1;&timestamp=1642401729017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BDB0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUxH-vw_lYde5M76i9u8PxM-F4AYAAAAAOAHgBAI&bg=!mZqlmt7NAAaocxMpqHM7ACkAdvg8WtU0-kL4jF9jZCqUFBkd1qqz5UVI8c5AIZEmmcQPHhOTOaYgYAIAAACqUgAAAAJoAQeZAwdB6lgHPteS3Omycotlej84XnptIR0qbkHywhZA-AJXbZyVGGaCf6ZVwkR7oLQp9HCkriXqGYzCJUyuqlL_SpBE8_lEgBOj7C81FNRI9iLhUDjRi9V6JvmShQX5bKtbxxT6hruI4BWmS8PtdEfSszjNa3HgkiipJ_4SGxdiKTPwnEs9wWeWTpXWNhzCduRBTn0vh7nTpdtWeyBcX7E23wUPN69xkalP6kflLLZWL4QDKQlxf-lMSauKq4B-qDy894qcNSfvy4wVf6NT4I6zvc-3SMOnX6OwlfS9xuNrsncbRbWh99hO2WpvCloXLJBd2triiRLowk_IOsIivI8tVbvdmH157r4HPp6YZzORtJtRsD2lC3sQf9ULGFs3WVGRZNoFqfzlbSDL0eAEj9FbL16YLCPJ6-jTHvwOnnuOQI-A2Le5WkH6FQYGPy9Ut7FSvp_Gw_M9bNX-x_LvQ6B5GDv6mnKRvQmRNYWs5COmM1pELQPDRVGGCgBmoLM5HNp6i12mvCd_4PucdMFngGk8wMs2NRxyoTmGgQqvfxc85GJdRopwhi0116Kqbxcse_sGoFLv0xdDn4J7H0RrU59ZID8oHQOnntFsDFnkh7dclhfM1A1xRh31lEowlEm0xxHl-hMG53d5TmWAKJ_v4UBJbIcEpOZeGrO3l9Mcci6OoMzRWMQUr1sdOrglBvqdnal3Co4cmybxZ8-6bcKONN4K3y3rLSD6aEUKQeZIzt4ve0gV9IpDtu_qWuarvRcYzH6g-TG9MNFcHZEidJsZueECNG0bpcTJSsh8vE2DJp6a_PQL0UUbnQpyuk7dqGZL5VaMU1T3qZ7eAzXOTqv-MbYrZ55KbL4whwE2matu4i4MPAi2Po38jkO73YMdQP9DQo4IeGvoCWKqCR9BJN7IUwaQV9n6t6uEaiz-qKR_LE1pXPDC9PcPQxAkxi5gNMwxCsz6a9m-kmLY0n1gazbQXvBHBTXwGNlWbUBTLmPKt_prdP46LYqXwA1tRt8xVk8VKngZHWqOUfH69Td2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 00DA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B__yxvw_lYeqWMYXL7_UPjO2WqAEAAAAAOAHgBAI&bg=!SUqlSg7NAAaocxMpqHM7ACkAdvg8WiPbfn7_WpfPfElPjEIai6vohu3hElC84XGjOWSSUbNX3D7BqgIAAADjUgAAAAJoAQcKADgN5vbw75i3dk8EqQrsFdRlqddiEGML-5m6z57ImgdfvmaG13rJofHAKtvk3lL08ap4ezG9V4As95kC-w8ugjUVei5nKy7hmNzKB5LHxvq29kRw_vRqa3igU40CkoVKVtTy-KETh8MxKwqaJcRsI_GVtKrHRcCxMoEpPh-I0x3-5ocLvgRLzTzgc5FpkF5ELdPLMhDWFWBvglBMcc4Tj6qw6jt5y5yP9Z56RAJrQd_JsnJ8_RiJ_wTbmORtHtiLFPJICuLKqxqztHviLXCnHWQEKLEAtl6Fyz3wp5RH4cpbwEsU_-GUDnRm1rnZp9fVy5nd4pwXvb7ZjOgkcWx2uPWcEFXsLBzGCC1Qok5ipV3U9H6HHEDYQFkmyWQnVt88zkl85LRhDkRNAIbHIy0S9WLnI4_jTfCQOspy7xoZ0YXmjEfrbNcTdcTuHt5SIsiogKpuF2IyLBpt7RZr8nFU1ywnUjGaCNgh-xldNVrPr1Q2TO8qFJjX3wB5kP0KCXRl1s_v2pifqTzYiJ9jqIDqE2h_hjpfI1pm9oA_C5iYdB5x_GTOkjAEvUo2NsueI40aqu0p1IekA52_3TH5INQ-fPasx86lova1jhqkJu6_Aafa6OGk53m-yVOcHqgDnHs64iqWtKoVSOa-3SgHcNhbIo12JjLgfrt3VPI5FKIE_jLdtRODeffxJQQgW94iZNrYRu7q_weSPQ59TWEzHRfgUsKKmDb9Xzg1BQ3Lq4rZhs3wiDF6kGwfekpQOjaOmpUzBb_b0KijoG-sAIfIqxDisViMdMGMmr9fbtcRgjgxoFzZykiHVwB0NHs7t-1ef7nc6UGOFKLDWOcchAudFllWbB5BduSNFmS0rQUIlR0SgjRutMj8CxkGHEY3v6pmEibb_8EoxkC4t2qW2-HqlJuQaGwVTt2STyBXUdUatU10jH_umB1pokDf5EcH8gE1qlU_s-_fQNrfXN_g7qZy1W4tec1lRLqIvkG6KB7dmDQ7_eKZy7NyR7P0l46WBgxnOVqThxBa36Xy28VmTfZHbyNR8DN-UrkXIcycbXQzR5Hfy0Mtbn5is94clG5BP1XAF-UngbU8zPy9ros
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D99 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuncNkwCYRDd0qwY32vKqUoQVM-tsNbVMAiLGfXwGfZk5jSr1kxI6PHlVzrbdR3vap8fHW4MwCN2PlCfxyewx6CO_HNfb7acNF_5LXS9zB-f-_J0szUeQ&sai=AMfl-YScYFC9FCLoMx_EyUVFBuB4eQhWxSkzUkb2Jk6DB-8aihz4_JWzTqIY5-APy1BnpPWlEoCeJn-kkgXr37EUW_Td8uj41ZlBd5LAnvLN79C3cp5OPHGwOZ7JzVk&sig=Cg0ArKJSzFuHxAiEHkAeEAE&cid=CAASF-RoH7-SNCm8yM-g4gg9RndrRyjExGnx&id=ampim&o=242,522&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=674&tls=1675&g=100&h=100&tt=1675&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1058625133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 673D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuelBkhTLdNDdtAk7qP526hRpP4yKjjf4aBLlXjuC-Pf9dZPWuKb3oE17JKCswCw-JhOMbD7mGda4gppcoDL7fnc4dWZZIc_U8P5N-6l89OEOnbLPjDmw&sai=AMfl-YQN0_548Xwy8YbBgltryCEK6t2Y734q7ie3Idw41dDKBGp-F3MHlVZSuNGw-V--HmcvIdOoXeRqHhqSkwDImPGLrQ3pVIo0zRD-f4MAEQIBJwB-Nf1mxl_j2G0&sig=Cg0ArKJSzL9EV9ry1wNxEAE&cid=CAASEuRoZPtSxyuKhcQPad2YS9Ji1A&id=lidar2&mcvt=1000&p=453,1073,1053,1373&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1436553605&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642401727640&rpt=844&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 40B7 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1642401726702
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame EFD3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jan 2022 06:42:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0C18 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 18 Jan 2022 06:42:12 GMT
Date
Mon, 17 Jan 2022 06:42:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame C131 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
sZc3/C0mTZiG9oulsNJsGfavTBdyD0NyqhjHxIEdozrWJZojOHit939JtUwVRgjBqdHbSpnQbmUTt9HaypjxUg==
x-amz-request-id
EC3SD77BGPF9782G
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0W/7kYQAAAABgWRrbih/PT4F/eTEVdn05QU1TMDRFREdFMTgxNAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0wg/lYQAAAADiULz6d6L8RpsFx8qto2JuRlJBRURHRTEwMDkAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Mon, 17 Jan 2022 06:42:09 GMT
sync
eb2.3lift.com/ Frame A1AF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
5d74d3247fc537372f226d48b650d20e19a47988868b9952f8bcc7d8e44e3062

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 8EDF 		233 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1642401600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
text/html; charset=utf-8
content-length
233
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"e9-GZ2E7tKvySh01E1LZd6JDT9X13Q"
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
generic
match.adsrvr.org/track/cmf/ Frame A1AF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
eb2.3lift.com/ Frame A1AF
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
date
Mon, 17 Jan 2022 06:42:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A1AF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1AF
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzOTI4MzQ4MzUzOTMyMTI4NTQ%3D
date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame A1AF 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=11392834835393212854&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1BCE738178B146B19DDE9C2ABA766A95 Ref B: FRAEDGE1119 Ref C: 2022-01-17T06:42:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXVwXO0cDFRUk4TAY6ATA==
xuid
eb2.3lift.com/ Frame A1AF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11392834835393212854?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D7rPAHVE2oSxPoIF6SM.7rxtu5VN3IeR3PWYnYTkwQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D7rPAHVE2oSxPoIF6SM.7rxtu5VN3IeR3PWYnYTkwQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D7rPAHVE2oSxPoIF6SM.7rxtu5VN3IeR3PWYnYTkwQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame A1AF 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=11392834835393212854&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.121.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-121-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame A1AF 		42 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11392834835393212854&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B99480399999401291B77413AAD98FC1 Ref B: FRAEDGE1409 Ref C: 2022-01-17T06:42:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame A1AF
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11392834835393212854
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11392834835393212854&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11392834835393212854&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CHC9VBZH38MS099W6X01
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11392834835393212854&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A1AF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame EFD3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45771
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 17 Jan 2022 19:25:01 GMT
async_usersync
ib.adnxs.com/ Frame 0C18 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6b3b2e2c-df39-4d08-b908-d75acc6c83ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame 8EDF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
418
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ced9a1e0de435ef-MAN
content-length
1168
expires
Mon, 17 Jan 2022 08:42:10 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 8EDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Protocol
H2
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
13926
g2.gumgum.com/usync/ Frame 088B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
511d82d32a2646158b15faece0fe1fc4e426d1eea4ab48f3324a677dc1435df5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0f588a98630fa30403f2d5c157a097b96"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 085E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 17 Jan 2022 06:42:09 GMT
/
onetag-sys.com/usync/ Frame 9B15 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4CB7 		907 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5892baa769b9d763beac7332cdb48f053073b9c208c2e42700f610228c1b4e4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
text/html
content-length
907
usermatch
ssum-sec.casalemedia.com/ Frame E03B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fb8b1dbb69684d7e543b26da96a9e43270ea82357f13a9bce7350f9ee792ce7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|73|5|221|152|239
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1554
Expires
Mon, 17 Jan 2022 06:42:10 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1201860443167428463
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1201860443167428463
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cac7851c-d0a2-441b-a037-057a519245a1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1201860443167428463
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=507cb9ced7b706cbc82bb794
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=507cb9ced7b706cbc82bb794
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=507cb9ced7b706cbc82bb794
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7255687663
  • https://sync.1rx.io/usersync/tradedesk/8d4e803a-1a3f-44ff-9b00-77b6fb525fef
  • https://sync.targeting.unrulymedia.com/csync/RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
date
Mon, 17 Jan 2022 06:42:10 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb18cf5a54e414adfb3d21135eb5d3f39003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame C131 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433822382859286
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433822382859286
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433822382859286
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame C131 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=b4d2f5c5-3d1f-4550-8353-168a8ae5e901&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=b4d2f5c5-3d1f-4550-8353-168a8ae5e901&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=b4d2f5c5-3d1f-4550-8353-168a8ae5e901&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame C131
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-hP_mJ2lE2uGlC2HXyb4.owBp6SpsyiqB4g0ZbFU-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-hP_mJ2lE2uGlC2HXyb4.owBp6SpsyiqB4g0ZbFU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-hP_mJ2lE2uGlC2HXyb4.owBp6SpsyiqB4g0ZbFU-~A
date
Mon, 17 Jan 2022 06:42:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
ads.yahoo.com/cms/ Frame EFD3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIBKYYU-1V-2B9&sigv=1&esig=2~6f0a1e4fd8ce0db2d20de7a92d32a2ed0d6c043b
0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIBKYYU-1V-2B9&sigv=1&esig=2~6f0a1e4fd8ce0db2d20de7a92d32a2ed0d6c043b
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIBKYYU-1V-2B9&sigv=1&esig=2~6f0a1e4fd8ce0db2d20de7a92d32a2ed0d6c043b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EFD3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJQktZWVUtMVYtMkI5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EFD3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlYTVjZDlkYWZlMzBlNzI2OGY5MGJkOGRkYTJhNjQzM2RmN2RjNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlYTVjZDlkYWZlMzBlNzI2OGY5MGJkOGRkYTJhNjQzM2RmN2RjNw
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlYTVjZDlkYWZlMzBlNzI2OGY5MGJkOGRkYTJhNjQzM2RmN2RjNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame EFD3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame EFD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENo559jsCbH-lrp6_v_pePU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENo559jsCbH-lrp6_v_pePU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENo559jsCbH-lrp6_v_pePU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame EFD3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame EFD3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YeUPwgAGOeTksQAm
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YeUPwgAGOeTksQAm&_test=YeUPwgAGOeTksQAm
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YeUPwgAGOeTksQAm&_test=YeUPwgAGOeTksQAm
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642401730.469146,VS0,VE0
x-served-by
cache-mxp6979-MXP
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YeUPwgAGOeTksQAm&_test=YeUPwgAGOeTksQAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame EFD3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TQN8AO5ZIeW9F2HrrgX1gQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2073199542019385303
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2073199542019385303
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2073199542019385303
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
flimpobj.js
pixel.yabidos.com/ Frame 8EDF 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1642401730275&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=5i9obu5yg7ma&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ced9a1e4e2e35ef-MAN
content-length
24217
expires
Mon, 17 Jan 2022 08:42:10 GMT
sync
ads.servenobid.com/ Frame 4CB7 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4487293616802984685&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 4CB7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&gdpr=1&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&gdpr=1&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame 4CB7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=fd49d395-b41e-4b28-b3f9-c6cfc732c8dc&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=fd49d395-b41e-4b28-b3f9-c6cfc732c8dc&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=fd49d395-b41e-4b28-b3f9-c6cfc732c8dc&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2304209
content-length
0
expires
Mon, 17 Jan 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4CB7
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_61e50fc25f614&gdpr=0&gdpr_consent=
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_61e50fc25f614&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_61e50fc25f614&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
/
rtb-csync.smartadserver.com/redir/ Frame 4CB7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1201860443167428463&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1201860443167428463&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e28dc52c-759e-4564-801f-ef4e3b38097f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1201860443167428463&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vbl.gif
pre.glotgrx.com/ Frame 8EDF 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1642401730349&rnd=5i9obu5yg7ma&ifm=1&uai=1&cid=1041&s=filecr.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
2694
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ced9a1f1dec3750-MXP
content-length
26
expires
Mon, 17 Jan 2022 08:42:10 GMT
nflrc.gif
pre.glotgrx.com/ Frame 8EDF 		26 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1642401730336256&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=filecr.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=5i9obu5yg7ma&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=23&icp=https%253A//filecr.com/&irfl=23&irf=https%253A//filecr.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-10-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=21
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1642401727049&secure=true&version=9&uuid=0173dcaa-7b27-44b6-85cd-73d7a72236ab&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94734831744
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
2694
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6ced9a1f1def3750-MXP
content-length
26
expires
Mon, 17 Jan 2022 08:42:10 GMT
pixel
cm.g.doubleclick.net/ Frame E03B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E03B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E03B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T9085867VZCVTRJ4D4A1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4QKE5MN6R9C4AXTXF2TT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YeUPwFJpIr37fKYA181AEQAABFUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E03B 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YeUPwFJpIr37fKYA181AEQAABFUAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f480:735b:95a5:a0a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ix
ad4m.at/ad/sim/ Frame E03B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tpid=YeUPwFJpIr37fKYA181AEQAA%261109
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame E03B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.218
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YeUPwFJpIr37fKYA181AEQAA%261109?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.5.237
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E03B
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ded019e6-9c3e-44a4-81f9-7af461ee653b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ded019e6-9c3e-44a4-81f9-7af461ee653b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 06:42:10 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ded019e6-9c3e-44a4-81f9-7af461ee653b
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame E03B 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YeUPwFJpIr37fKYA181AEQAA%261109&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1642401730333047-367
Expires
Mon, 17 Jan 2022 06:42:10 GMT
sync
ads.servenobid.com/ Frame E03B 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YeUPwFJpIr37fKYA181AEQAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1201860443167428463
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1201860443167428463
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c4f80b82-8316-4e4b-a001-0323d2b7f0a5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1201860443167428463
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=98839511-efad-4438-ae27-1d22975c7f88
  • https://rtb.gumgum.com/usersync?b=bsw&i=98839511-efad-4438-ae27-1d22975c7f88
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=98839511-efad-4438-ae27-1d22975c7f88
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=98839511-efad-4438-ae27-1d22975c7f88
Date
Mon, 17 Jan 2022 06:42:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 088B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%286hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&obuid=ENC(6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3D6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3D6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2600:9000:2156:2800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:11 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
U-u5WE9XPLUU-Z30wkPt9DXRlQTKQ0qTC0ETXKd_UFo5u9CQr7WRwA==
x-cache
FunctionGeneratedResponse from cloudfront

Redirect headers

Location
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3D6hFqoiPxzYSD7UoKhVmRw8C7_RlMAGplcGb1AIo5V-2_6TexUd7R0LwpuM1w8_HW
Date
Mon, 17 Jan 2022 06:42:11 GMT
X-TraceId
c2a757647fe62f6fd25ed7f5de9c3cd1
Content-Length
0
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=798b6f8e-fbdc-495d-8468-76af96d68d87
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=798b6f8e-fbdc-495d-8468-76af96d68d87
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=798b6f8e-fbdc-495d-8468-76af96d68d87
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4$ip$217.64.151.9
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4$ip$217.64.151.9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4$ip$217.64.151.9
Date
Mon, 17 Jan 2022 06:42:10 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-VLQCrCRE2peJVPt9nQRmdw2Neh9QChTHEvp_~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-VLQCrCRE2peJVPt9nQRmdw2Neh9QChTHEvp_~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-VLQCrCRE2peJVPt9nQRmdw2Neh9QChTHEvp_~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=98ef06e1-7760-11ec-b1f8-b73d2eaec644
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=98ef06e1-7760-11ec-b1f8-b73d2eaec644
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=98ef06e1-7760-11ec-b1f8-b73d2eaec644
Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
98ef06e2-7760-11ec-b1f8-b73d2eaec644
services
sync.technoratimedia.com/ Frame 088B 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
896332073
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 088B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=YqIvporCrgDfCbBPUh1o&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLRJF3HA33SINZGORDGINREEUCVNAYW6JTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=YqIvporCrgDfCbBPUh1o&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=YqIvporCrgDfCbBPUh1o&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:11 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=YqIvporCrgDfCbBPUh1o&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7cf18ce5-0285-4e47-af10-4cdfc43e9356
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7cf18ce5-0285-4e47-af10-4cdfc43e9356
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7cf18ce5-0285-4e47-af10-4cdfc43e9356
date
Mon, 17 Jan 2022 06:42:10 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003&rndcb=6395063519
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=98839511-efad-4438-ae27-1d22975c7f88
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=92fd282a-f93a-4ee9-9239-d40a13212fc8&user_group=1&ssp=adconductor&bsw_param=98839511-efad-4438-ae27-1d22975c7f88
  • https://sync.1rx.io/usersync/bidswitch/98839511-efad-4438-ae27-1d22975c7f88?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
date
Mon, 17 Jan 2022 06:42:10 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb18cf5a54e414adfb3d21135eb5d3f39003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 088B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=1i4Z83s5ViZp&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=1i4Z83s5ViZp&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=1i4Z83s5ViZp&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-4hxfv
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 088B 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
content-length
0
sync
ads.servenobid.com/ Frame 088B 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame BFC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x11 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Expires
Mon, 17 Jan 2022 06:42:09 GMT
usersync
rtb.gumgum.com/ Frame 1545
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
  • https://rtb.gumgum.com/usersync?b=atm&i=YeUPwgAGOqblXQAm&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YeUPwgAGOqblXQAm&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YeUPwgAGOqblXQAm&gdpr=0&gdpr_consent=&_test=YeUPwgAGOqblXQAm
accept-ranges
bytes
date
Mon, 17 Jan 2022 06:42:10 GMT
via
1.1 varnish
x-served-by
cache-mxp6979-MXP
x-cache
HIT
x-cache-hits
0
x-timer
S1642401731.531171,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3C36 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzhiMWY5MS0xN2YwLTRjNWMtOWIwZS1kYmVhYzEzMTM3NzY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 17 Jan 2022 06:42:10 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8070 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=109067
expires
Tue, 18 Jan 2022 12:59:57 GMT
date
Mon, 17 Jan 2022 06:42:10 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 0357 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 17 Jan 2022 06:42:10 GMT
usersync
rtb.gumgum.com/ Frame A3D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&t=1644993730
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&t=1644993730
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&t=1644993730
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame E453
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jan 2022 06:42:10 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 17 Jan 2022 06:42:10 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame FEDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 17 Jan 2022 06:42:09 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame D664
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YeUPw8Co5ssAAGvc2ZUAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YeUPw8Co5ssAAGvc2ZUAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 17 Jan 2022 06:42:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 17 Jan 2022 06:42:11 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YeUPw8Co5ssAAGvc2ZUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
1
X-SO-HostName
a-ad40226.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":60,"gdpr":true,"ipv4":"0.0.0.0","key":"YeUPw8Co5ssAAGvc2ZUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40226"}
X-SO-Key
YeUPw8Co5ssAAGvc2ZUAAAAA
X-SO-IP
217.64.151.9
X-SO-Cluster-ID
60
X-SO-Upstream-ID
a-ad40226
usersync
rtb.gumgum.com/ Frame 5A48
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=tDsu40LzyGG7Vk74v2jp&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=tDsu40LzyGG7Vk74v2jp&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT Mon, 17 Jan 2022 06:42:10 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=tDsu40LzyGG7Vk74v2jp&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8070 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32008587&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
99992abc3729a433c58025cebb0cc660f691bc848af1c979e8c6faffdc33465d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 0A35
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 17 Jan 2022 06:42:10 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1A74
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
42 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 06:42:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug006:0:431
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&gdpr=0&gdpr_consent=
Expires
Mon, 17 Jan 2022 06:42:09 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BBA3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2111243133278699853
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2111243133278699853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 06:42:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug011:0:373
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2111243133278699853
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame F159
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 06:42:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:534
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Mon, 17 Jan 2022 06:42:10 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Mon, 17 Jan 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
898883
strict-transport-security
max-age=31536000; preload;
usersync
rtb.gumgum.com/ Frame A7FF 		35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8070
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yyXmJE5IQb2IUV2mqV28tw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=109067
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 18 Jan 2022 12:59:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5ba661e5-0fc2-4c00-be53-5930cf4d9009
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5ba661e5-0fc2-4c00-be53-5930cf4d9009
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Server
MT3 4133 baa842e master cdg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5ba661e5-0fc2-4c00-be53-5930cf4d9009
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Jan 2022 06:42:09 GMT
mw
mwzeom.zeotap.com/ Frame 8070
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CB25E624-4E48-41BD-8851-5DA6A95DBCB7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=8d4e803a-1a3f-44ff-9b00-77b6fb525fef&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4242148624cac215f1b25244494c7df5
  • https://spl.zeotap.com/?zdid=1332&zcluid=a1fb34ce8a089076
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-08716b79a871&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL7Xu-LvMyPuD5_Zsgtf3nU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-087...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEL7Xu-LvMyPuD5_Zsgtf3nU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-08716b79a871&zcluid=a1fb34ce8a089076&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ced9a2479cf83b4-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEL7Xu-LvMyPuD5_Zsgtf3nU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c04b0553-85c1-4f66-76dd-d470f55f0961&reqId=8756f105-6bd9-401d-598a-08716b79a871&zcluid=a1fb34ce8a089076&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0IyNUU2MjQtNEU0OC00MUJELTg4NTEtNURBNkE5NURCQ0I3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:417
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8y7kHU9s0Hwz47qUzHFvA&google_cver=1
42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8y7kHU9s0Hwz47qUzHFvA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 03:07:48 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:329
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8y7kHU9s0Hwz47qUzHFvA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8070 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Jan 2022 06:42:10 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3319337312637487731
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3319337312637487731
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:474
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3319337312637487731
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:526
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8d4e803a-1a3f-44ff-9b00-77b6fb525fef
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1201860443167428463&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1201860443167428463&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:474
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:10 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c76a82e-908a-46d6-b2c0-9278589db2f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1201860443167428463&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8070
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CB25E624-4E48-41BD-8851-5DA6A95DBCB7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NMta3txE2uWfghmjPTna6xu_cEJ1y7s-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NMta3txE2uWfghmjPTna6xu_cEJ1y7s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NMta3txE2uWfghmjPTna6xu_cEJ1y7s-~A&gdpr=0&gdpr_consent=
date
Mon, 17 Jan 2022 06:42:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame E453 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45771
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 17 Jan 2022 19:25:01 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame E453 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KYIBKYYU-1V-2B9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame 0C18 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:11 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
98e55312-2a3d-4df4-918c-707ec70868ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
admin-ajax.php
filecr.com/wp-admin/ 		15 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-admin/admin-ajax.php
Requested by
Host: filecr.com
URL: https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27, PleskLin
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://filecr.com/en/?id=94734831744
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 06:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.27, PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg5eg3z9LFEBlhZdbX3YUSAQnZ2Afw6rxd%2BmvXl0xTomFYcTJV1b%2BKzOqJk6fRBfvV9aTR6kVfqFcHuLkXeEoWBFUcHtctYAGeeIaIxIqasQjMnkk63Cc17netgjHfkfv8K5ycnzHnLo"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ced9a2b9b760dfe-MXP
expires
Wed, 11 Jan 1984 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8070 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| cppVars undefined| $ function| jQuery object| advads_options object| advads number| advadsCfpExpHours number| advadsCfpClickLimit number| advadsCfpBan string| advadsCfpPath string| advadsCfpDomain object| advadsCfpQueue function| advadsCfpAd object| _mNHandle string| medianet_versionId string| medianet_chnm object| medianet_misc function| gtag object| dataLayer object| adsbygoogle object| twemoji object| wp function| advanced_ads_check_adblocker object| XVlFDpwMxAyOqY21e function| _0xe10c object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| __SVG_SPRITE__ object| ratingPlugin object| Confirm object| notification object| ShPublic function| updateQueryStringParameter function| setCookie function| onlyUnique object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| advads_admin_bar_items object| advads_has_ads object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| advadsProCfp string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| _mN object| _mNSrv function| setup string| _mN_Idf undefined| _mN_ctr string| _mN_ctrM object| mnjs object| hbCMBidxc function| _cR function| _cD object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| bsagpt object| bsaheaderbid object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| Criteo object| sas object| apntag object| _ADAGIO object| google_llp string| mantis_uuid object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_js_items object| GoogleGcLKhOms object| ONFOCUS object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

112 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQjJyWtuYvCgoI4gEQjJyWtuYvCgoI5gEQjJyWtuYvCgoIhwIQjJyWtuYvCgkICRCMnJa25i8KCQg6EIyclrbmLwoJCAsQjJyWtuYvCgoIjAIQjJyWtuYvCgoIngIQjJyWtuYvCgkIXxCMnJa25i8=
.mrtnsvr.com/sync Name: userId
Value: BqxNDd2fp
filecr.com/ Name: PHPSESSID
Value: 6vnohka9eb4g0ss2sg5r81qsbm
filecr.com/ Name: advanced_ads_browser_width
Value: 1600
.filecr.com/ Name: _ga
Value: GA1.2.163598038.1642401726
.filecr.com/ Name: _gid
Value: GA1.2.1682613035.1642401727
.filecr.com/ Name: _gat_gtag_UA_139662474_1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYASABKAEwvp-UjwY4AUABSAEQvp-UjwYYAA..
.adnxs.com/ Name: uuid2
Value: 1201860443167428463
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: khaos
Value: KYIBKYYU-1V-2B9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqF+iaTjznNlTpcd3HBZZ775PzI6EyVJjlVAthPpLFZy2M2xzS3OTeyTLQpDmHaqIlo2B05UvZjL5aXonjhrrvlsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUlwyWfgwGMJHG-CPwVhixOLZbIFQ0PPdScCb1-2pfmRWccYtZOUDOf7YPuhsKI
.filecr.com/ Name: __gads
Value: ID=01bdd175e247b250:T=1642401726:S=ALNI_MbZNBCkWjIks8s76GcpRCk3W7mL_A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: fd49d395-b41e-4b28-b3f9-c6cfc732c8dc
.casalemedia.com/ Name: CMID
Value: YeUPwFJpIr37fKYA181AEQAA
.casalemedia.com/ Name: CMPS
Value: 5203
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb6N(SQp!@wnfH8K6pQK`!5=E<*L5?%M378Q+<hr%If_0>RN65R=0_KNL=:/^q^1O.(v%nugO%v4VB%nu6v)^#/G
.casalemedia.com/ Name: CMPRO
Value: 1109
.filecr.com/ Name: cto_bundle
Value: uzSZJF9FdEslMkJBZWxLdUFqY1lEaXZYOWJiJTJCOUs0U2I5WU5uM0dLbVE4QWtsJTJCYjBqU1hBUHVjMDhyQXlCT0czZDElMkZEUGZ6NThhNDZ4c0dJWnhSUjZxOUJHVklTZE5TWVdqZ1FjcWlkVSUyQm5zOVJHSWtmSURpU3NVQnRyNVJOQXpTcWlRTGs1eDNMNUl0STZZdk0lMkZjdDRucUtDbFElM0QlM0Q
.3lift.com/ Name: tluid
Value: 11392834835393212854
.advertising.com/ Name: APID
Value: UP979f54b2-7760-11ec-b403-0200651b21ca
.media.net/ Name: data-g
Value: CAESEFoNZ_4EYYDEGbhMcVZea20~~3
.media.net/ Name: visitor-id
Value: 2854033288884163000V10
.yahoo.com/ Name: A3
Value: d=AQABBMAP5WECED3M_mns2zXWRoJKF_ejJgUFEgEBAQFh5mHuYQAAAAAA_eMAAA&S=AQAAAvxu3DhEBmaZMxJKDGsXzFQ
.yahoo.com/ Name: APID
Value: UP979f54b2-7760-11ec-b403-0200651b21ca
.yahoo.com/ Name: APIDTS
Value: 1642401728
.lijit.com/ Name: ljt_reader
Value: 507cb9ced7b706cbc82bb794
.sharethrough.com/ Name: stx_user_id
Value: 2a53fb50-8e19-4fb4-86bc-5e4552e84cd6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CB25E624-4E48-41BD-8851-5DA6A95DBCB7
.bing.com/ Name: MUID
Value: 3C596AD0D0EA633007557BFFD1816220
.adsrvr.org/ Name: TDID
Value: 8d4e803a-1a3f-44ff-9b00-77b6fb525fef
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a52a407a-ce5c-4273-8076-93187cf51645"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDI0MDE3MzA7MjswMjEmHUENX0tA9+UGe1Y0XGll0t8IBzkbcOQBfchqrsvSsQ==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2608:u=1:x=1:i=1642401730:t=1642488130:v=2:sig=AQGLa6_9i8S3kFfAT-6CD1RBsTxf4qBI"
.smartadserver.com/ Name: pid
Value: 4487293616802984685
.casalemedia.com/ Name: CMST
Value: YeUPwGHlD8IA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 1201860443167428463
.servenobid.com/ Name: pid_337
Value: y-hP_mJ2lE2uGlC2HXyb4.owBp6SpsyiqB4g0ZbFU-~A
.servenobid.com/ Name: pid_317
Value: 4487293616802984685
.gumgum.com/ Name: vst
Value: e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776
.servenobid.com/ Name: pid_310
Value: 507cb9ced7b706cbc82bb794
.dyntrk.com/ Name: dyn_u
Value: 05030001_61e50fc25f614
.bidswitch.net/ Name: tuuid
Value: 98839511-efad-4438-ae27-1d22975c7f88
.bidswitch.net/ Name: c
Value: 1642401730
.bidswitch.net/ Name: tuuid_lu
Value: 1642401730
.openx.net/ Name: i
Value: 5d1af4a7-7a4e-4efc-b9c5-aeaa3aa1bf3c|1642401730
.servenobid.com/ Name: pid_333
Value: YeUPwFJpIr37fKYA181AEQAABFUAAAIB
.servenobid.com/ Name: pid_309
Value: e_9c8b1f91-17f0-4c5c-9b0e-dbeac1313776
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003%22%7D
.mathtag.com/ Name: uuid
Value: 5ba661e5-0fc2-4c00-be53-5930cf4d9009
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: DPSync3
Value: 1643587200%3A201_197_219%7C1642464000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1642982400%3A223%7C1643587200%3A161_13_7_56_54_3_220_21%7C1643673600%3A35
ads.stickyadstv.com/ Name: UID
Value: f3729e89139099bd406c974a913fa92
ads.stickyadstv.com/ Name: sessionId
Value: f8169d065e9324675a1b0106c8f41ae
ads.stickyadstv.com/ Name: uid-bp-34673
Value: YeUPwFJpIr37fKYA181AEQAA&1109
.servenobid.com/ Name: pid_321
Value: RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003
.creativecdn.com/ Name: u
Value: tDsu40LzyGG7Vk74v2jp
.creativecdn.com/ Name: ts
Value: 1642401730
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmJkYmBobmxgYmkCAEiS3ywQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMgJiC1NLIwszIT5D3YKkyMBwf8ekAgPXCACia0a2JQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMgJiC1NLIwszIT5D3YKkyMBwf8ekAgPXCCleQzMTIxMDQ3NjAxNLEwDWcBNGNAAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YeUPwgAGOqblXQAm
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4242148624cac215f1b25244494c7df5
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDEyMTI0sTAzMklOTDYyNE0zTDIyNTIxMbE0STZPSTNlAILEp%2FyHQDQUAAA3mAow"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIfMp%2FCEhBAQAaCwIY"
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~22pi:18wq~22pi:196n~22pi:18z8~22pi"
.360yield.com/ Name: tuuid
Value: 7cf18ce5-0285-4e47-af10-4cdfc43e9356
.360yield.com/ Name: tuuid_lu
Value: 1642401730
.a-mo.net/ Name: amuid2
Value: b4d2f5c5-3d1f-4550-8353-168a8ae5e901
.servenobid.com/ Name: pid_324
Value: 5107433822382859286
.zemanta.com/ Name: zuid
Value: YqIvporCrgDfCbBPUh1o
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&KRTB&16736-uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&KRTB&23019-uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009&KRTB&23208-uid:5ba661e5-0fc2-4c00-be53-5930cf4d9009
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8d4e803a-1a3f-44ff-9b00-77b6fb525fef&KRTB&22918-8d4e803a-1a3f-44ff-9b00-77b6fb525fef&KRTB&23031-8d4e803a-1a3f-44ff-9b00-77b6fb525fef
.postrelease.com/ Name: opt_out
Value: 1
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_327
Value: b4d2f5c5-3d1f-4550-8353-168a8ae5e901
.simpli.fi/ Name: suid
Value: 4F3538F4809A4A7896F5D9D98FAEA2AD
.de17a.com/ Name: guid2
Value: 1.2111243133278699853
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEG8y7kHU9s0Hwz47qUzHFvA&KRTB&16514-CAESEG8y7kHU9s0Hwz47qUzHFvA&KRTB&23025-CAESEG8y7kHU9s0Hwz47qUzHFvA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1201860443167428463&KRTB&23339-1201860443167428463
.pubmatic.com/ Name: PugT
Value: 1642401729
pool.admedo.com/ Name: tuuid
Value: 92fd282a-f93a-4ee9-9239-d40a13212fc8
pool.admedo.com/ Name: c
Value: 1642401730
pool.admedo.com/ Name: tuuid_lu
Value: 1642401730
.adform.net/ Name: uid
Value: 3319337312637487731
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3319337312637487731&KRTB&23263-3319337312637487731
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2111243133278699853
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b18cf5a5-4e41-4adf-b3d2-1135eb5d3f39-003%22%2C%22nxtrdr%22%3Afalse%7D
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: 8db9c20b-8063-41bb-bbbc-80a3cb3c2c4c
.smartadserver.com/ Name: csync
Value: 69:05030001_61e50fc25f614
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4.9Oh%2F9JKwyBNAa0T%2BaarTTUfCMn%2FTJYWg1Ox7bHXlVhA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-25bdfac6-9cd1-4b06-60e9-faf3c91f2ce4%24ip%24217.64.151.9.jmOCIc0YTydpSSgWi2vV9NcjP7rUXftnusTOrw0mum4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 08795d701b065355
.onaudience.com/ Name: cookie
Value: a1fb34ce8a089076
.onaudience.com/ Name: done_redirects147
Value: 1
.ipredictive.com/ Name: cu
Value: 98ef06e1-7760-11ec-b1f8-b73d2eaec644|1642401730801
.casalemedia.com/ Name: CMRUM3
Value: dd61e50fc22760&2761e50fc20b40&f161e50fc205a0&0561e50fc205a0&2d61e50fc02760CAESEBwWBIwxYrPGfPPOAsMCkTs&ef61e50fc205a0&9861e50fc22760ded019e6-9c3e-44a4-81f9-7af461ee653b&e661e50fc22760&4961e50fc205a0
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj4gZjU0OOsOhAFGAEgASgCMgsIrse_hOfjrDoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: c04b0553-85c1-4f66-76dd-d470f55f0961
.zeotap.com/ Name: zsc
Value: %E3%27%EA%C2%B8%BE%9A%EF%E0%A7%3A%05P%9B%7Co%16B%D9%D4_%F0%FB%C0Au%3D%0E%92%E4l%3E%DFL%F5%13%2C%A0%D7%E56%BCZ3%B0%90%938%89%DC%FE%C5%A5%0F9%B3%CD%B6%E9%1CV%A7%14%BD%00%E5%1D%16%89%C0%A3%D7%BE%1AS%2C%22%ADYo%F9E%C1
.pubmatic.com/ Name: SPugT
Value: 1642401732

10 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEH_nh7QT2RfstSb9izhNLnY&google_cver=1&google_push=AYg5qPLZ6ayJcra1_iaSE15wKwm9c5ZfdEGoXi7d9m5m_5OthtNgDT3lt9wl55jtcq_sWaWnK8K8Fy1AT-KpiWQUTgS1OaOGdb-Z
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJzWOw6Hjse-QAtPB11u96UHYvYxXBQMk4SNGWyoXmprWF2f9TiROgyvTwMS7PCXgch3Fiv_2ZDLzscaWHysGMIE0i6ZHE
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKcQws4Sny2mTKH1IgWuBvUzOzb70rcU_SFShmrufmqfDVm2fCNkU0y1Rq3pyFgSeuRCaMyhPKb-WkF-vxWbH4dezXqibI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_push=AYg5qPJQ7ksSE5gdI6dydh3I_P7q_qMg0jUXOw-kI2rSJ6wBXlN0xzGd1j5xXAMDxH595ETMFvJ2hd-c_kcQYyKY2cTg6xHk8Hn1&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPKtwMMN17MKb0q88ZYpUK6hAbjoynOdx6D3LpXSXbnf_c_W2gTOk9nv9MWFNTgQ-iAqWYDE37VaWuL-ABDRQGGlBbskzw&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeUPwFJpIr37fKYA181AEQAABFUAAAIB&google_cver=1&google_push=AYg5qPJyN7trvfAVU4s6jY3fUpaZvPv83oiyw2S9vZT23K8ZRrkIbxmoDrDDfeNzzu46jgBTuvp5W5evhj0JFyGC2kns1aytq7gb&google_gid=CAESEAO6GI34FlQOTdwB4CFFc3U
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIHBQV5bFhkKK42M6hKC3S3jhM0nkYXbs82YYglDRM-UXcRD0jgt1LRegqEbSDqZT6jL5AmPpMwa6zYR8JCZhZ1-VxGKIM
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=BqxNDd2fp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2fe1f2345b53e2bd90e67f6f1920bee8.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad4m.at
ade.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
ecs.mantisadnetwork.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
filecr.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.yabidos.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
r2---sn-4g5e6nz7.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
webcrx.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
104.16.200.58
104.90.192.27
104.92.74.8
129.159.70.95
13.248.245.213
135.125.160.160
142.250.186.130
142.250.186.162
142.250.186.34
147.75.38.124
151.101.194.49
159.122.14.34
169.197.150.8
172.217.18.98
178.162.133.149
178.250.0.157
178.250.2.131
178.250.2.151
18.156.0.31
18.185.129.183
18.195.155.181
18.197.210.187
18.198.121.250
184.87.212.24
185.184.8.65
185.255.84.150
185.29.134.244
185.33.221.53
185.33.221.91
185.64.189.110
185.86.138.119
188.34.152.202
192.0.77.2
193.0.160.129
198.148.27.139
198.47.127.19
198.47.127.20
199.187.193.166
2.21.141.148
2.21.141.175
2.21.141.232
2.21.142.210
202.241.208.100
213.155.156.169
213.19.147.44
216.52.2.19
216.52.2.39
2600:9000:2156:2800:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700:3035::6815:5fcf
2606:4700:3035::ac43:8bfc
2606:4700:3039::6815:c08f
2606:4700::6810:125e
2606:4700::6810:78c3
2606:4700::6812:372
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:65::7
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:2638:1::13
2a02:2638:1::3
2a05:d018:d29:3601:f480:735b:95a5:a0a3
3.124.87.92
3.217.216.1
34.102.163.6
34.248.122.81
34.249.68.36
34.98.64.218
35.157.102.105
35.157.246.167
35.174.217.176
35.210.53.219
35.227.252.103
35.244.174.68
35.71.131.137
37.157.2.237
51.222.80.231
51.75.86.98
52.2.183.88
52.200.181.105
52.31.82.104
52.46.154.242
52.49.84.113
54.226.209.67
54.236.185.42
64.202.112.127
64.202.112.159
67.202.105.23
69.173.144.138
69.173.144.139
94.31.29.32
01c7399ecbe1c0d5305c8fd86ba021fed2ef42406294d2ea51c34d68f5dc5996
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02c5f050cc94d8316f95eba619abd3cccda98f18297cdd45d78d8201cd32daca
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c411a4cf06931ff34a527f0adf4d742854c3ee72b245ab288588cee43d41861
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0e220e2bb80cd194c12b29df68f7e7fad22a89aa167fc866c421be555a3e3903
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
111d466a363d63abd31ac477919bb8746df933bfad404b24f137fa0fda70db6a
119304315bf1eb923b7630c6392688ff2b6687ab7e33d37f29ba6fa1ee99c737
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14a39db74c26db85fcc99a558830bf5418330add4b214838edc95dab71e7d3db
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a48949e222f4d06fa2b976a5a69eeaca967c0c0579e10c43104c04bc4f46bba
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c
1aef52dbbc041e1a423bad6a3e3193dc6f9be68deb0e3e33877ffe5416f20337
1b65a7aa987c50237316272bf67e43e52f6e529a3677e8e007b8c80d8474d0af
1bd5fe4781cc8469ab49d022f844a9ad852146998af61da661821b98631c4db4
1e99c54c8d777d1b291f68296ac99fe0c7b8f51153eb7b36b1a88b4783bfd2bc
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
249f537d8e7349dab5ab2e541e485351315526451ae2e8979422f33a215307c2
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2be0ff5e87328b847db47c3d052196266daa6e33d17cd847143511eab0022bd0
2cb5ef98ed9a3c63e2986c9c90f21c4ba8ba28396343626a26811fd9d3bf7e40
2dbf9d021e5475b0ef9d7751b121a5fca5c02e2f08f946a8faa984935e07eb33
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32e5001b17a48b617e837d3d9d688c58e0efd0410e42a4eee51f238a104f3302
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c006ba40acaf78b891843db626ab159aca688e2605eb0a8e26a54c976dcc0fe
3d0f01e1bde796cd22d34bbe3dff4b35ef72587452e8def7fd39fc2a166e1683
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da04b183f0c2f30f338427c543e8e50ab9bc23b21c51601b6e02cd365588d6a
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0665cf11b3e8c709fddb9c8664d193536c46e78fb3aa697ee2680d5c695814
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4038594ce974eb1639deb8e33c3f2f2a41cc0156ac709abd5127f5844523dc39
41794f6797cb26bbd539f53c4b4487d1e4a27371621fc6cfb47b017e65df5fb3
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45d759f36d50ce11a943fea6ef65581345d0112491cb970eb5ea59c7eb61361e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a125edaaa1abf5064686a1910d7e944ac68309befea67d55aac0f31b5b948d0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e27bb82381999d0842afd72f4cbc414a92f58ac336bb54f3e4898a441d2070f
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4e63131bacad41fd7253ecad93f16341b3b572ce7dfe808119e72f1b5e948cda
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511d82d32a2646158b15faece0fe1fc4e426d1eea4ab48f3324a677dc1435df5
52c66ed449331651827905509e3a8052cdd8e4c68c29795f0161ab4808bd93ad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93
57f7d77eedbf82b1e32dbd607f0cc62c4f5f194ea83c807ad21616c6ea5e34ea
5892baa769b9d763beac7332cdb48f053073b9c208c2e42700f610228c1b4e4c
5a2417f4bfdb8bc6e01ae0ace5e83d72d5d0e7776917448869590e5422be9f68
5a45792c7db4934ab03ec970a8c0ba92d5b85e5af4482112dc9727fe94197250
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d74d3247fc537372f226d48b650d20e19a47988868b9952f8bcc7d8e44e3062
5f6f2b3052be8ba78f0217bd14403580a97cd15087f1a941742b0121b72feac2
6000657b05d6f39e5fa69ac2d8654c5c06d3679a87d541e604835e6f2e976fc5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
6436ca320f88073f092d4a9fdda0f5d78d0a248530e7cea8e2a3bce277bf1945
648ece012c8f29dd46ad63501eb12fab3d3fc27aca061c35f743cac6c59094b9
648f7cf407900f2e498ddfe9877165ea8cd6c728a76e1bdae7d62cce77592852
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66435edb579006becfdef95cf1022edfd13d4d7c09bbdc142bd38924cb54f293
6865183b5339acb11b7b41891ab5fc83a67800a7ca84162f0fb8ec040804c43c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b10b7ca44656ec9a4c148ef47bc0cd68a05a9e00b7de1e7084c3eb1b5921f61
6b26e78f7083cb5679609915da7d081810e1f597544ec9152d8c68f194f636eb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cebe0c20b9ec7068e45f5b01490e8a08c064d849f3237e93ccf367f69d88f81
6d0678d80d8b1949a0ed1da581849420658f5dbb0fc02eb8464883076917f4ae
6d3e686230e4e8374eb3200441bbf730ca3c3a346f07a538f60763fd44bbd610
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
7322920f4ee2cd9da512d5800084633615395fe53b063ea0cfd61d69daf606a6
73a6660457f044e88cfa39a91ca29c6cf9610e1f33b0188b4cc75b6de7dd5f67
7428476a4adfddb546daa3c61d0d47f018fe2769f429a7154eaab0dde06f4bd9
74702e2e052b4f1c01d693725269d1c42e3b3859a30a5af128037edbcb3ac4a9
75188ca07793fa054c11eb11dcfb8bf9593d276676997fa774d09f376bd41842
75b754c036c31f8b66677cceef833ff56b47f4d942c9e299195fca046d72d453
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080
7a5a93555a9ae33a15fcf3bdc1eed6ed7ea2caef8d6155da3168190b5d38c89a
7c06481269ba2f82dc841852b295e6fbf33266267833b626a043ae8124bebd06
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
7fb5ba4eecb1ba70b4ddd48dfe4c0d0c37e8bbdd83cf891a412f622f58450754
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
803c9f605a135389db61d95e51c42329605472af402ca0dc7c00103ff9c8c333
824a9e9f562ccbb94360a456dd7e1a3fd5eb285d3f4112cde92c6a4a437772b0
8268f215e2495135c2a979ae839a3abe0c17a99d9d84007b81e1411f364eac14
82b619cbf3a19f241d38f222b0993708ab553b65f47b8d82e328506e5d00a94f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838139869b7bc1df3ee13809b3c78ee34a21df019e9eb6cdee5b259d3c0f03fc
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
86e82559d4b1d2e5504f74eb46709e1a286fbf40956e36e4a7961586cefd274b
8738f5128361d906f573de7214567b512e751ab094d4668e6e103aa443b6fe53
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed
885adf90cbd374aa089e03173990d608d5ff78aab43e98f9d7afe2819118fca1
88b6e462f7f0a541cc653eb4ed59a2a19928be059f699bb55404c0c4b74fa46e
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8b113a09b154db21844467b3fa42dbdf74557f3ed07bf8eb10f928123a024808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
916f95aab27db27c31734b1e4046ba49c450f47b13372f01f1717957d964fd6e
954efeeeed54c7209ca01cd3dc98fedc2f663eddc528a0dbe327b14cf0c7fac9
9760a9f96ef90c3d9f294d206df4342e7a55673a918c3090c22a29cc6557bade
992986202320003b6f0a84d0e71014e66873c108eaabd74498f4b7df05a7a33b
99992abc3729a433c58025cebb0cc660f691bc848af1c979e8c6faffdc33465d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e43ed9cdd65380344ceb930783193e502e3f95b6246bf660bebd76c8e99105
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
9d21a7994290375fa8f0beece2ea372ab8fa8d890c4dd88c2dfa92c3e1ccf1a6
9dc71a2cc4e8793bd49c23b266917e4412075d7eaa9a9e2f1c5e73a3414fbb44
9f592387f66450e218293b2463bffd2e3e17fa1845b3aba97ad2b49a589319cd
9fb8b1dbb69684d7e543b26da96a9e43270ea82357f13a9bce7350f9ee792ce7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
a110ff47a2d14c8c8141a5a1c9ab1b50b28406af5d0b4683ca33adde49409a81
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a36b621503e3cd21c5f0fc811232a1ae2801e80a78cdd86afdbe2324399161f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d7fbaa9a062416430e981f98bc12077c7d434c110618216e6ae94914660c95
a5001e81e81fe1930c1fe0a7864876db2d14284c13734e883241c65bc9345428
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a822b9455b872d829a1db0959065d0714797a32059c07dfe080541529c7e2116
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd669956964821a13f74ee0786b8d93b4a6a7c4507e5926dd9d741b239fb9a5
ad0e979c5a9356bda8db0b396959b64de6acce6905c1672ced1ffd4d275d05aa
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b0de8f122bf6190f1e241f4e5a70e1a7df49fec5fc55a452d81da1d3823e50ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3867083981befa13f81ddd8f02cb34e44b67de6ad62dd4e9a4dc9d8e21058f8
b48baebda9d2827db00901dc2141cc96bceae85b474003b21e353cc3471b300c
b4ee0451a13fe8b5a647e943833ba8a74319f6f75fef2d3e9d4ac67d7e895767
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b92ae5e7b73cb9ce6e4a051be2db3e894ec57c731c1f04cfb5ae948180cddf56
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5163406e67ed20eaa515adafb7b90d2e6b411029bc6903dca2349bb20f2005
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bcaed03e08f7c64607442e34049408f9644e7f8742b7f6461b513afc207334dd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be40f968567fff526118121bcf53480cb1339bdb5b84050da148080a16f55abc
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e
c0007c453001645a4a4c30e34795d62ecb14cc09e1c68765fe46e7312f99b738
c01b4faf83772b08fd6c24d8a0b1fb7a36d7001720272b40026cc28041ab25bb
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb
c06e66ec6aa3961a0dfa2afa4982b4c54af4ff82e67ec6c9ac66cd67b2185d9a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5e0754ccb59642b36cb5597a08248e5e2ca9c1356c3e3c977a2e7696a9e0058
c7f732fba307a2b3ae9c997c90c001400a2b145595ffad12ad7591e37b26d26e
cb394ca2d21434bd0e78976c783b8eec35bfb6f1404bf31d0d9969d06c9535d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07a67c130919e9cf64bfb30fd7a196e14bb3c469c19de3e08debde52b0672c6
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbf709da41534833f5ab1ca09cdf4b9351b3489a72e8e61bd992fdcbaba8f614
dc63319416d7b81a7c4da618d75ec674707eaa6b79c89d171fa31b9a2594635a
ddf7d065434ac62640308950fb5a70224ef8ea145223c47668173409dafe5130
de0026beacb0fa66759930355e717fe89078974692859c2aeea06f11b64c1de0
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e384b930ed245da708a4c5f659f27bd6403e4daaca630481e4741e15f180cc6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f6b525b560f5a3fceea51b80b88c0fae967e1a7908cd8eb853714ced86625
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e53d26d8cacae6cceb2f2fbec3b46d997ad9b48949f15b9e9828502397288ccf
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
e72004751986ef48a5dc849c02a62473e99c5e39aec100b88cdd7a0c777d19bc
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ebddbe0c94a9b05eeaf99ef48a61501d39604165df332ad582e27ca95eb5a1b3
ee2736408c1e827244ce263e68e6531729d95d91524b2412c0435ace5fe51045
ee42890701d480e6f92e0317494fc9533ae02cb222a0a43cba9c62a8ebcced2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
f4352515b6981f953c9e515d3707fa933bc74c5ee7239f4d2e4b222b775efd07
f4ad7ba581345581bd301ba579eab4b9c302de6d48500ebe035af043c9dfdc41
f4d11cbdea784b7b701da55021c88bfd1629c317257a83b94a7a251771adb8fc
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f83cbe88d973681a0fe73b5ef74754aadfb307cc4447c685993230a06151fb91
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
f9565cbb9865ccfbc15a1c0aefdc3f162dee2f37343f209f117e53e73e75b681
fabd7048680553d7858f52cd265cb8c817aca93fbd8d37bce33f67d850d34020
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd2a340f62dce684bb58c24e04c2299892adef16c20a5668bbb87dbdef654eaa
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4